Avalanche effect and bit independence criterion of perfectly secure Shannon cipher based on matrix power

In 2020 E. Sakalauskas with coauthors published a paper defining a perfectly secure Shannon cipher based on the matrix power function, proposing effective parallelization, and ensuring that multiple rounds are not needed to encrypt one data block [1]. In this paper we present computational results for the avalanche effect and bit independence criterion (BIC). These criteria are important when describing the rate of confusion of bits in the ciphertext. It was observed that increasing the matrix order and group size improves the BIC and avalanche effect results, which converge to the desired values. Based on the outputs it is possible to pick appropriate parameters satisfying security needs and the available memory of the device where the keys are going to be stored.


Avalanche effect and BIC
Cryptographic security analysis methods such as the avalanche effect and BIC allow us to evaluate block cipher secrecy by computing the confusion of elements after changing just one bit [2], and to determine the confusion of elements and their dependence on other elements [3,4]. The values of these criteria are commonly calculated by considering the avalanche vector , which describes how ciphertext bits change after flipping one bit in the plaintext: where vector has all entries equal to 0 except for the -th one which is equal to 1, entry ∈ 0,1 and function , is encryption function mapping shared key and plaintext to the ciphertext generally denoted by .
Using expression defined in Eq. (1), we compute the -th bit avalanche effect as follows: where indicates the number of bit changes after flipping -th bit. The desired value of the avalanche effect is 0.5 for all the bits, meaning that it is infeasible to distinguish which bit changes occur after flipping a random bit of the original message.
The bit independence of the two entries is calculated as the maximal absolute correlation coefficient between avalanche vector and components. According to [2], BIC can be calculated by the formula: ( , ) = max |corr( , )|. (3) Furthermore, relying on Eq. (3) we can define the overall BIC for the whole ciphertext block ( , ) as the maximal correlation by checking all available pairs: Ideally, the value of BIC should be close to 0 hence ensuring that all the bit changes occur statistically independently.
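The two criteria described above can be measured for any keyed function with the harness below. This is an added example, not code from the paper: it uses two constructed 16-bit stand-ins rather than the MPF cipher (an XOR pad, which is perfectly secret but has no diffusion, and a truncated SHA-256), and it assumes that an avalanche bit which never varies is scored as the worst-case correlation of 1.

```python
import hashlib, random
from itertools import combinations

N = 16  # block size in bits (constructed toy size, not a parameter from the paper)

def xor_pad(key, pt):
    # One-time-pad style stand-in: perfectly secret, but one flipped bit changes one bit.
    return key ^ pt

def hash_stand_in(key, pt):
    # Diffusing stand-in (truncated SHA-256 of key || plaintext); NOT the MPF cipher.
    d = hashlib.sha256(key.to_bytes(2, "big") + pt.to_bytes(2, "big")).digest()
    return int.from_bytes(d[:2], "big")

def avalanche_vectors(enc, i, trials, rng):
    """One row per trial: ciphertext difference bits after flipping plaintext bit i."""
    rows = []
    for _ in range(trials):
        key, pt = rng.getrandbits(N), rng.getrandbits(N)
        diff = enc(key, pt) ^ enc(key, pt ^ (1 << i))
        rows.append([(diff >> j) & 1 for j in range(N)])
    return rows

def abs_corr(x, y):
    """Absolute Pearson correlation of two 0/1 columns."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    if sxx == 0 or syy == 0:
        return 1.0  # assumption: a constant avalanche bit counts as fully dependent
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    return abs(sxy) / (sxx * syy) ** 0.5

def measure(enc, trials=400, seed=1):
    """Return (per-input-bit avalanche effects, overall BIC) for enc."""
    rng = random.Random(seed)
    effects, bic = [], 0.0
    for i in range(N):
        rows = avalanche_vectors(enc, i, trials, rng)
        effects.append(sum(map(sum, rows)) / (trials * N))  # fraction of changed bits
        cols = list(zip(*rows))  # column j = j-th avalanche component over all trials
        pairs = combinations(range(N), 2)
        bic = max(bic, max(abs_corr(cols[j], cols[k]) for j, k in pairs))
    return effects, bic

if __name__ == "__main__":
    for name, enc in (("xor_pad", xor_pad), ("hash_stand_in", hash_stand_in)):
        effects, bic = measure(enc)
        print(f"{name}: mean avalanche {sum(effects) / N:.3f}, BIC {bic:.3f}")
```

The XOR pad result shows why these criteria are measured separately from perfect secrecy: a cipher can leak nothing about the plaintext and still fail both tests.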

Perfectly secure Shannon cipher based on matrix power function
The matrix power function (MPF) was introduced in [5], as the following mapping acting on the Cartesian product of the space of square matrices of order with itself: The general notation for this mapping is as follows: where , ∈ ( ) are matrices with entries from semigroup and , ∈ (ℝ) are matrices with entries from a finite ring of integers ℝ. This mapping allows us to raise the base matrix to the so-called power matrices and .
E. Sakalauskas with co-authors used the MPF in 2020 to propose a perfectly secure Shannon cipher defined over ℤ [1]. This cipher uses a plaintext matrix , private keys and along with a function : ℤ ↦ , which maps elements of ℤ to elements of the multiplicative Sylow group = {1,2,4}, which is a subgroup of ℤ * . Note that actions in are performed modulo 7. A key feature of this mapping is that it does not carry over the addition in ℤ to the multiplication in and hence is not an isomorphism. The encryption function can be expressed in the following way: where : (ℤ ) ↦ ( ) is an entry-wise matrix analogue of the mapping f and is its inverse. Note that since F is not an isomorphism no cancellations in Eq. (6) are possible. We also use ⨀ to denote the Hadamard product of two matrices.
It is worth noting that the shared key { , } consists of 2 entries and hence is at least twice the length of the original plaintext given that extra bits may be added at the end of the message to make it an appropriate length. However, the plaintext and ciphertext are roughly the same size.
To decipher the ciphertext, we denote by the inverse of matrix in Hadamard sense i.e., a matrix satisfying the following relation: where every entry in the matrix is the unit of the group .
Upon receiving the ciphertext its decryption is performed in the reverse order and can be summarized by the following expression: Perfect secrecy of the presented block cipher and the statistical independence of the ciphertext from the plaintext is proven in [1].
In this paper we investigate the avalanche effect and BIC for the presented block cipher in a more general form i.e., we expand the cardinalities of the algebraic structures considered. In other words, we consider the Sylow group of the multiplicative group ℤ * and an additive group ℤ . Hence in Eq. (4) we have , ∈ ( ) and , ∈ (ℤ ). Actions in are performed modulo a prime = 2 + 1.

Computational results
The avalanche effect of perfectly secure Shannon cipher defined in Eq. (6) is calculated using Eq. (2). For each fixed pair of parameters { , } we investigate the relation between avalanche effect and the matrix order . We executed 1000 experiments and averaged the results for each value of given the fixed pair { , }. In Table 1 we present the results of our experiments. Analyzing the obtained results, we see that as the parameter gets larger the avalanche effect increases to 0.5 whereas the matrix order does not have as large an impact.
We perform the investigation of the BIC in a way similar to the one presented above. As above we performed experiments for each triplet { , , } and using Eq. (4) obtained the BIC values presented in Table 2. Note that increasing group size reduces BIC value. However, more importantly we see that small values of the parameter are clearly not suitable for implementation since the value of BIC approaches the worst possible case. Furthermore, we can see that increasing matrix order has some impact as well and it is more noticeable compared to an analogous result of the analysis of the avalanche effect.

Conclusions
In this paper we investigated the previously proposed Shannon block cipher which does not require multiple rounds to encrypt a message. Furthermore, we expanded our research of the initial scheme by introducing a pair of parameters { , } which makes our cipher more flexible as compared to the original. The obtained results show that even though no information about the plaintext is revealed by the encryption algorithm itself, small values of parameters cannot be used in practice since the BIC fails even for the largest value of matrix order we considered. However, the avalanche criterion is mostly satisfied and is quite near perfection even for small values of q. Hence, relying on the results presented in Table 1 and Table 2, a good recommendation to choose the system parameters { , , } is to find a balance between and keeping them reasonably small while also ensuring that BIC is satisfied. Keeping this in mind a triplet {4079, 2039, 15} can be considered a suitable choice for practical implementation.