A Word-Oriented Substitution–Permutation Network Cipher with Security Evaluation based on Active S-Box Bounds and a Dynamic Advanced Encryption Standard-Based Variant

Abstract

The Substitution–Permutation Network (SPN) serves as a foundational structure in the design of modern block cipher algorithms due to its effective realization of two essential properties: confusion and diffusion. Currently, the security of SPNs is actively studied, with the S-box structure and the diffusion layer being key components analyzed to enhance resistance against attacks. In this paper, we propose a generalized SPN-based cipher model inspired by the AES structure. We then present a novel theoretical approach to evaluating the security of this SPN cipher, based on a lower bound of the number of active S-boxes. This forms the basis for identifying the roles and cryptographic properties required of the component transformations in this type of cipher. Next, we propose a dynamic block cipher algorithm based on the AES cipher, which not only ensures the required level of security but also inherits the implementation advantages of the original AES. The dynamic AES block cipher demonstrates higher security compared to the original AES, passes randomness evaluation standards, and is efficiently implementable. These results are significant in guiding the design of secure and flexible block cipher algorithms, while also providing a theoretical foundation for the selection and evaluation of secure cryptographic components in modern cryptosystems.