DynBlock: dynamic data encryption with Toffoli gate for IoT

Abstract

The emergence of 6G networks, coupled with the expansion of smart devices, necessitates robust and efficient cryptography solutions to ensure secure communication. However, the existing resource-constrained cryptography solutions that rely on static permutation, substitution methods, variable key sizes, and fixed block size are vulnerable to quantum computing-based cryptanalysis and side-channel attacks. To address these challenges, this paper proposes a lightweight dynamic block cipher (DynBlock) algorithm. DynBlock is specifically suitable for resource-limited devices, and features a dynamic block size (64-128 bits), which is adaptable to symmetric encryption key sizes. Additionally, DynBlock includes dynamic permutation and substitution layers that enhance confusion and diffusion properties, along with a novel substitution-permutation network (SPN) algorithm that eliminates conventional substitution- and permutation-boxes. DynBlock leverages Tofoli gates and XOR operations to reduce the number of computation operations required to achieve optimal throughput and energy efficiency. Security validation of DynBlock is performed considering various metrics, including an average key avalanche effect of 53.85%, average plain-text avalanche effect of 57.82%, differential cryptanalysis (\(\Delta = 2^{-128}\)), and cryptanalysis (\(\Lambda = 2^{-64}\)). Performance is compared against various state-of-the-art schemes. We evaluate DynBlock with both 3 and 5 rounds to assess its security and computational efficiency. While the 5-round configuration offers stronger resistance to cryptanalytic attacks, the 3-round setup already delivers robust security, featuring high entropy and a strong avalanche effect, making it well-suited for resource-constrained environments. It is found that DynBlock significantly improves energy efficiency and throughput compared to its predecessors. Additionally, DynBlock demonstrates resistance to quantum computing-based attacks, improved side-channel attack resilience, and enhanced randomness and entropy.

Introduction

This the advent of 5G and 6G technologies, the expansion of IoT devices necessitates robust, resource-constrained cryptography for secure communication^1,2. In resource-constrained environments, encryption algorithms must balance high throughput requirements with limited resources^3,4. Thus, resource-constrained cryptography has gained significant attention due to its wide spread applicability in IoT systems with limited processing capacity, battery power, and memory size^5,6,7. When designing resource-constrained block ciphers, critical parameters include high throughput, diffusion, low latency, round numbers, and structure^1,8,9.

Table 1 The lightweight Block Ciphers without substitution boxes.

Generally, the dynamic data encryption process begins with an initial analysis of the data characteristics and device constraints^17,18. This includes evaluating the size of data, type, and sensitivity, alongside considering device limitations such as memory capaci-ty and processing power. These factors are essential for fine-tuning the encryption process, selecting an appropriate key length based on the desired security level, and determining the number of encryption rounds, commonly set between two and four. After these preparatory steps, the encryption process is initiated by receiving the data to be encrypted and an encryption key. Typically, this encryption key is a symmetric key, either provided or dynamically generated, to ensure secure transformations of the input data. Following this, a calculation is performed on the secret key to determine the block size, which typically ranges from 64 to 128 bits. With the block size configured, a dynamic Substitution-Permutation Network (SPN) is created to replace traditional static substitution- and permutation-boxes (S-boxes and P-boxes). In this network, dynamic substitution and permutation layers are generated based on key-dependent transformations. The encryption process then unfolds through three rounds of substitutions and permutations, with the Toffoli gate applied in the final round. The Toffoli gate enhances data security by adding non-linear diffusion. Upon completing the encryption rounds, the encrypted data, or ciphertext, is structured and concatenated into a final output format, ready for secure transmission or storage.

Figure 1

Overview of DynBlock .

Data encryption, in general, involves transforming plaintext into ciphertext using an encryption key, rendering the data unreadable to unauthorized parties¹⁹. Standard encryption methods, including both symmetric and asymmetric schemes, rely on fixed block sizes and fixed SPNs to achieve confusion and diffusion. In traditional block ciphers, static S-boxes (substitution layers) and P-boxes (permutation layers) manage the transformation, which can result in predictable encryption structures and may limit flexibility, especially for resource-constrained environments like IoT. Figure 2 explain the implementation of dynamic data encryption.

Reversible gates have garnered significant attention in recent research due to their wide range of applications, particularly in cryptography²⁰. Among these, the Toffoli gate stands out for its efficiency and reversibility, aligning well with resource-constrained design methodologies. The Toffoli gate, which is reversible and lightweight²¹, operates with three inputs and one output. If the first two inputs are both set to 1, the third input (target) is inverted; otherwise, the target remains unchanged. These characteristics make the Toffoli gate particularly suitable for enhancing nonlinear diffusion in encryption schemes.

Table 2 Notations and descriptions.

Recent resource-constrained block ciphers, such as New Lightweight Block Cipher Algorithm (NLCA)²², Lightweight and Efficient Low-latency Block Cipher (LELBC)¹¹, and Lightweight and Secure Authentication (LSA)²³, exhibit static or partially dynamic architectures regarding permutation, substitution, data block, and key size. Other schemes like GFRX¹⁰ and LELBC¹¹ suffer from issues such as large computational overhead, static key/block sizes, and weak mathematical operations like XOR. GFRX’s high round count and complex key management reduce performance, while LELBC’s static parameters limit adaptability. While XOR operations are effective in enabling diffusion in lightweight ciphers, schemes that rely solely on XOR, without incorporating sufficient non-linear transformations, may lack robustness against advanced cryptanalytic attacks. As demonstrated in¹², such designs benefit from simplicity but may require additional components to achieve a stronger security profile. Static structures require optimization but are vulnerable to attacks, whereas dynamic structures increase complexity and security^24,25. Dynamic cipher structures address limitations of static structures, enhancing security through dynamic substitution²⁶. However, designing efficient dynamic ciphers with reduced rounds while maintaining essential cryptographic properties poses numerous challenges²⁷.

To overcome limitations in existing resource-constrained ciphers, we introduce DynBlock i.e. a lightweight, key-dependent dynamic cipher. Unlike traditional designs, DynBlock adapts its block size (ranging from 64 to 128 bits in steps of 8) based on key characteristics rather than fixed lengths. It avoids conventional S-boxes and P-boxes, instead employing a key-driven dynamic structure that ensures both efficiency and strong cryptographic properties. Built on a simplified SPN framework with just three rounds, DynBlock utilizes the Toffoli gate, a reversible logic gate, to achieve efficient nonlinear diffusion. The cipher uses basic operations (XOR, modulo, complement, addition, AND, OR, and cyclic shift) to ensure low memory overhead and fast processing, making it ideal for constrained environments. Table 1 presents a comparative overview of DynBlock’s methodology against existing schemes.

Contribution

The main contributions of this work are as follows:

1. 1)

   We propose DynBlock, a fully dynamic and lightweight block cipher tailored for resource-constrained environments, offering a balance between efficiency and security.

2. 2)

   DynBlock employs the Toffoli gate to achieve reversible and efficient nonlinear diffusion with minimal computational overhead.

3. 3)

   The cipher supports variable block and key sizes, reduced rounds, and integrates operations such as XOR, modulo, cyclic shifting, and addition for optimized performance.

4. 4)

   By reducing the encryption process to only three rounds, DynBlock achieves high efficiency without sacrificing cryptographic robustness.

Table 2 describes the notations used in this paper. The rest of the paper is organized as follows. Section “Related work” describes the related work and “DynBlock: the proposed algorithm” illustrates our proposed ‘DynBlock’ algorithm. We evaluate the proposed algorithm in “Security evaluation” and finally “Conclusion” concludes the paper.

Related work

Several lightweight cryptographic ciphers have been proposed in recent years. However, these earlier works primarily suffered from static characteristics, encompassing fixed permutation, substitution, block size, and key size, or exhibited only partially dynamic structures. Most recent cryptographic algorithms designed for resource-constrained environments, such as LELBC¹¹, HDLBC¹, LSA²³, GFRX¹⁰, and SLA²⁸, retain a fully static structure. In contrast, DBST³ features a partially dynamic design. Yang et al.²⁴ proposed the DULBC encryption technique based on a SPN. This method utilized a 64-bit block size and offered 80-bit or 128-bit key sizes, with encryption rounds varying from 25 to 30 depending on the key length. DULBC introduced a degree of dynamism through its round function, which incorporated an unfixed F-function and bit-based permutation. Despite these advancements, the technique retained a static block size of 64 bits, limiting its adaptability and impacting security. Furthermore, the high number of rounds (25/30) resulted in increased computational overhead, affecting overall performance.

Figure 2

Overview of dynamic data encryption.

Another lightweight encryption technique¹² is introduced based on XOR and permutation matrix by following both permutation and substitution are dynamic. Although it is based on dynamic permutation and dynamic substitution, its block size is variable, and it is chosen from a range of sizes before starting encryption. Ragab et al.¹³ introduced M-XXTEA, which is a symmetric block cipher that is based on the Feistel structure. M-XXTEA consisted of a 64-bit block size with a 128-bit key. It introduced dynamic permutation and substitution, which utilized a chaotic key-generated approach. But similar to DULBC, M-XXTEA block size is static, and further it is based on 32 rounds of encryption. The static nature of block size and the higher number of rounds influence both security and performance. Therefore, we propose a completely dynamic data encryption approach in our research work, which includes permutation, substitution, key size, and block size based on key dependence.

Different architectures can be adopted to design cryptographic algorithms, with some relying on Feistel structures and others on SPNs. Lightweight ciphers, such as LRBC²⁹, utilize a combination of both Feistel and SPN networks. Traditional Feistel structures generally consume more energy and time due to the extensive use of circular functions, in contrast to SPNs, which are optimized for faster block cipher construction. Moreover, in Feistel structures, only half of the plaintext block is processed in each round, whereas SPN structures achieve diffusion more rapidly. Consequently, SPN architectures are increasingly favored for their efficiency in cryptographic applications. In cryptography, the secure design of algorithms relies heavily on confusion and diffusion properties, which can be effectively achieved using SPN structures. For instance, SLA²⁸ and LSA²³, which are based on SPN structures, incorporate a higher number of rounds (16, 7, and 25/30, respectively). Reducing the number of rounds in such algorithms can enhance efficiency, particularly if their partially or completely static behavior is replaced with a dynamic SPN structure. To this end, a resource-constrained, key-dependent strategy is proposed in our research, leveraging a dynamic SPN structure with just 3 rounds, ensuring both security and efficiency.

Designing lightweight cryptographic algorithms involves balancing efficiency and the maintenance of cryptographic properties, which is a challenging task. The confusion and diffusion properties, fundamental to secure ciphers, are often achieved through substitution and permutation mechanisms. Substitution boxes (S-boxes), being nonlinear components, enhance security but come with increased memory demands. In contrast, several resource-constrained ciphers, such as HIGHT³⁰, TEA³¹, and LEA³², use alternative techniques to achieve similar cryptographic properties without relying heavily on S-boxes and P-boxes, making them suitable for memory-constrained devices. HIGHT and TEA employ Feistel structures with fixed block sizes of 64 bits and fixed key sizes of 128 bits, while HIGHT uses 32 rounds to achieve diffusion. LEA, on the other hand, utilizes an Add-Rotate-XOR structure with a static block size of 128 bits and supports key sizes of 128, 192, and 256 bits. Zhang et al.¹⁰ introduced GFRX, a resource-constrained encryption methodology based on the Feistel architecture. It supports block sizes ranging from 64 to 128 bits and key sizes from 96 to 256 bits. Similar to HIGHT and LEA, the higher number of rounds in GFRX (ranging from 26 to 34) impacts algorithmic efficiency but enhances security. As compared to the previous schemes, the proposed DynBlock avoids fixed S-boxes and P-boxes, using a flexible structure built on a simple 3-round SPN model enhanced with the Toffoli gate. It uses basic operations like XOR, addition, modulo, and bit shifts to stay efficient and lightweight, making it ideal for memory-constrained environments.

Figure 3

Design of proposed DynBlock.

DynBlock: the proposed algorithm

The proposed lightweight dynamic block cipher introduces a unique approach to data encryption by employing dynamic block sizes and key-dependent transformations that eliminate conventional S-boxes and P-boxes. This approach not only enhances security through greater variability, but also improves computational efficiency, making it especially suitable for IoT and IIoT devices with limited processing capacity. Figure 3 explains the methodology of the proposed algorithm. DynBlock calculates the dynamic block size for each encryption operation. The block size, which ranges between 64 to 128 bits, is determined based on the input secret key, providing adaptability to various security and resource requirements. The detail about various components of the DynBlock is provided in the following subsections.

Methodology for computing block size

This process employs the input secret key to determine the dynamic block size, ranging from 64 to 128 bits, along with three pivotal parameters. These parameters, ascertained through various logical operations and mathematical formulas, play a significant role in the encryption process. Figure 4 illustrates the calculation of the block size, in which the secret key is 64 bits. In the first step, we divide this secret binary key into four equal parts, each containing 16 bits. Subsequently, we apply the 2’s complement operation to each divided 16-bit part. The third step is to swap each part with the adjacent part after performing the 2’s complement operation. After swapping, we perform an XOR operation between the first two parts, resulting in a 16-bit value (a). Similarly, we apply XOR between the third and fourth parts, also resulting in a 16-bit value (b). Then, we apply XOR again between a and b, yielding another 16-bit value (c). Afterward, we insert the values of a, b, and c into equation (1):

$$\begin{aligned} h(a,b,c)=\ 64+\ [(a+b+c)\ mod\ \{(c\ mod\ 9)\ + 1\}]\ *8 \end{aligned}$$

(1)

Given that values of a, b, and c range between 0 and 65535, the output indicates a dynamic block size in the range of 64-128 bits. One major strength of equation (1) lies in the fact that the values of a, b, and c cannot be computed even if the output is known due to their infinite combinations. These values of a, b, and c are utilized in dynamic substitution, permutation, and key expansion. Algorithm 1 provides the routine for calculating the block size in the proposed scheme.

Algorithm 1

Calculating Block Size Routine

Key expansion and scheduling

We calculate the block size, which ranges from 64 to 128 bits, and then expand the key accordingly. No further action is required if the input key size matches the block size. However, if the key length deviates from the calculated block size, we expand the key accordingly. Bits from a, b, and c, which are computed during the block size calculation, are utilized. This ensures that the expanded key is compatible with the dynamic block size, optimizing it for secure encryption. DynBlock uses a key scheduling process to further enhance security, generating multiple subkeys from the original key for each block. Starting with the master key \(k_1\), additional keys \(k_2\), \(k_3\), etc. are generated through repeated XOR operations involving a, b, and c. The generation of \(k_2\) stems from a master key, \(k_1\), ranging from 64 to 128 bits. Additionally, we have values a (16 bits), b (16 bits), and c (16 bits), totaling 48 bits, generated using a block size calculation method. To form \(k_2\), we repeat a, b, and c until their combined length matches that of \(k_1\), denoted as \(k_0\). Next, we perform an XOR operation between \(k_0\) and \(k_1\), resulting in \(k_2\). This guarantees the encryption of each block using a unique key, thereby decreasing the likelihood of pattern recognition.

Figure 4

Computation of block size.

Figure 5

DynBlock encryption process.

DynBlock encryption process

Our design goal is to use a lightweight dynamic block cipher that will save resources, take minimum processing time, and still protect data with cryptographic properties like randomness, confusion, diffusion, and encrypting. The proposed approach is based on SPN framework, incorporating three rounds to strike a balance between lightweight characteristics and security. Figure 5 provides an abstract depiction of the encryption process. First, we apply dynamic permutation and then perform dynamic substitution in the first round. In the second round, we perform another dynamic permutation, based on an exponential function, in conjunction with dynamic substitution. In the final round, we utilize a Toffoli gate and perform XOR operations between each block and their respective keys. After determining the block size, we divide the plain text into segments that correspond to this block size. We use a dynamic padding scheme if the plain text’s length does not perfectly align with the calculated block size. Here, we source extra bits from the master key to fill the last block, ensuring uniformity across all blocks in the encryption process. Algorithm 2 provides the encryption routine of the proposed scheme.

• Permutation Layer: The first round of the proposed dynamic permutation method extracts 8 bits from the secret key and another 8 bits from a 16-bit value, computed during the key-dependent block size calculation methodology. We then combine these 8 bits from the secret key and 8 bits from value a (16-bits) to create a 16-bit sequence, which we then convert into a decimal integer. The resulting integer (X) is utilized to determine the number of left bitwise rotations to apply to the block, using a predefined mathematical expression (2). According to the calculated block size methodology, Y represents the size of the block, which varies from 64 to 128 bits.

  $$\begin{aligned} X\ \%\ Y\ \mathcal {E}\ \ [64-128] \end{aligned}$$

  (2)

  Expression (2) serves to determine the appropriate number of left bitwise rotations for application to the block. Its notable advantage lies in its dynamic nature, with all parameters being dependent on the key. We perform cyclic shifting in the second round of permutation. Cyclic shifting applies not only to blocks but also to inner blocks. During cyclic shifting, each sub-block is rotated to the left by a calculated shift value position determined through an exponential function, where e\(^{x}\) represents the result of the average, with x being the input, magnifying the change. Simultaneously, we rotate each block to the left by one position.

• Substitution Layer: In dynamic substitution, our main design goal is to propose a methodology without using an S-box, which reduces computational complexity. Consider an example that uses a block cipher of 64 bits. We execute the proposed dynamic substitution by concatenating the values of a, b, and c, computed during a block size calculation, until they reach the length of the permuted block size, ranging from 64 to 128 bits. Then, we perform an XOR operation between the concatenated results of a, b, and c, and each permuted block. We then substitute the XOR result into each corresponding block. This process introduces dynamic substitution, which depends on the secret key.

• Implementation of Toffoli gate: We apply the Toffoli gate, a reversible 3-bit logic gate, in the final encryption round. Table 4 describes how the Toffoli gate works. This gate accepts three inputs, and inverts the third bit if the first two bits are both 1, leaving it unchanged otherwise. In the DynBlock cipher, the Toffoli gate operates as follows: In the DynBlock cipher, A signifies the corresponding substituted block key, B stands for \({k_0}\), generated during the key scheduling process, and C represents the target bit, signifying the substituted blocks where the Toffoli gate is applied. Consequently, the Toffoli gate works in a manner that is dependent on the key. The Toffoli gate is strategically integrated to enhance ciphertext randomness and improve the statistical diffusion of output bits without introducing significant computational overhead. The core motivation for incorporating the Toffoli gate lies in its capacity to introduce non-linearity and improve bit mixing in the final round of encryption. By placing the Toffoli gate in the last round, we ensure an additional layer of transformation that is capable of significantly altering the ciphertext’s structure, making the cipher more resistant to statistical and linear attacks. Table 3 highlights the multifaceted role of the Toffoli gate in the final cipher round, emphasizing its contributions to security, entropy, and efficiency.

Table 3 Importance of Toffoli Gate.

Table 4 Toffoli Gate.

After the completion of the Toffoli gate operation, we perform an XOR operation between each key and its corresponding block. This final XOR operation guarantees the unique encryption of each block using its own subkey, thereby enhancing data integrity and security. Three encryption rounds complete the process, generating the ciphertext ready for transmission. Although we implemented and limited our scheme to 3 rounds, we also extended our evaluation to a 5-round configuration to assess the trade-off between enhanced security and computational efficiency. While increasing the number of rounds improves resistance against modern cryptanalytic attacks, demonstrated by stronger statistical properties, such as higher entropy and a more pronounced avalanche effect; Our findings indicate that the 3-round configuration already achieves a strong balance between security and performance. Its lightweight nature makes it particularly suitable for resource-constrained environments. Therefore, despite the added robustness of the 5-round variant, we still prefer the 3-round setup due to its optimal trade-off between efficiency and sufficient cryptographic strength. Overall, DynBlock leverages a series of key-dependent, dynamic operations — block size calculation, permutation, substitution, and Toffoli gate applications — to create a lightweight, highly secure encryption technique. By eliminating static components like S-boxes and P-boxes, it reduces computational complexity and adapts to the constraints of IoT and IIoT devices. This dynamic approach not only improves performance metrics, such as throughput and energy efficiency, but also fortifies security against cryptanalytic attacks by increasing data unpredictability.

DynBlock decryption process

The decryption process of the DynBlock cipher begins with the ciphertext, divided into blocks matching the dynamic block size (64-128 bits) calculated during encryption. These blocks are processed individually to ensure accurate reconstruction of the plaintext. The secret key (64 bits) is integral to this process, enabling key expansion through the same dynamic methodology employed during encryption. Additional keys are derived by concatenating dynamic parameters, which were calculated during the block size computation. XOR operations between these parameters and the master key yield the necessary subkeys for decryption, ensuring a unique key is applied to each block for secure and deterministic reconstruction. Figure 6 explains the implementation of decryption process.

Algorithm 2

Encryption routine of DynBlock

Figure 6

DynBlock decryption process.

The decryption process systematically reverses each encryption layer, starting with the Toffoli gate. This reversible 3-bit logic gate operation is undone using the ciphertext block, its corresponding subkey, and the dynamic parameters derived from key expansion. Following this, the dynamic substitution layer is reversed by reapplying the XOR operation between the concatenated values and the substituted ciphertext blocks. This step effectively restores the blocks to their permuted states. The dynamic permutation layer is then reversed by applying right cyclic shifts, calculated using the same dynamic equation used during encryption. This reorders the bits to their original arrangement, ensuring the plaintext is accurately reconstructed block by block.

After processing all blocks, the decrypted blocks are concatenated to reconstruct the original plaintext. If dynamic padding was added during encryption, it is removed based on the original plaintext’s length. This design ensures a lightweight yet secure decryption process, eliminating the need for computationally intensive S-boxes by relying on key-dependent dynamic operations. The approach ensures that decryption is not only efficient but also secure, as all layers and operations depend on the secret key and dynamic parameters. By adhering to cryptographic principles of reversibility and confusion, the DynBlock cipher’s decryption process guarantees robust protection against unauthorized access while maintaining computational efficiency.

Security evaluation

We conduct several experiments to evaluate the security and quality of the proposed algorithm, comparing it with other symmetric and resource-constrained block ciphers.

Table 5 Comparison of various cryptographic algorithms for avalanche effect.

Table 6 NIST statistical testing of DynBlock.

Table 5 compares our proposed DynBlock with the previous techniques. It also presents a comparative analysis of various cryptographic algorithms, specifically focusing on the average key avalanche effect and average plaintext avalanche effect, thereby evaluating their resilience in terms of key sensitivity and plaintext sensitivity. The results indicate that the proposed DynBlock encryption technique outperforms several established algorithms, demonstrating an average key avalanche effect of 53.85% and an average plaintext avalanche effect of 57.82%. In comparison, the next closest algorithm, HDLBC, achieved an average key avalanche effect of 50.01%, while traditional algorithms like AES and LSA did not exceed 49%. The results indicates that DynBlock significantly enhances the avalanche effect, which is crucial for robust encryption, as small changes in either the key or the plaintext produce substantial changes in the ciphertext. This characteristic is vital for thwarting cryptanalysis attempts. Furthermore, algorithms such as GFRX exhibit considerably lower average effects at 32%, underscoring the efficacy of DynBlock in ensuring that any minor variations lead to more pronounced alterations in the encrypted output. Overall, the results validate DynBlock’s effectiveness and improved cryptographic performance, establishing it as a promising new method in dynamic data encryption techniques.

Avalanche effect

The avalanche effect is one of the most important parameters used to check the security of an algorithm. It implies that a single-bit change in the plaintext should result in a significant change in the ciphertext. If the change exceeds 50 percent in the ciphertext, it indicates a positive avalanche effect. Equation 3 illustrates the calculation of avalanche effect.

$$\begin{aligned} w_a=\ \ \frac{Number\ of\ Changed\ bit\ in\ ciphertext}{Number\ of\ bits\ in\ ciphertext}\mathrm {\times \ 100} \end{aligned}$$

(3)

Figure 7

Average encryption and decryption time of the DynBlock.

In testing, we use a 64-bit plaintext and a 64-bit key for this purpose. Table 5 presents the results for the key avalanche effect, where we conducted 6 trials by randomly changing one bit in the key while keeping the plaintext constant. The table shows that the average key avalanche effect is 53.85%. In contrast, for the plaintext avalanche effect, we maintained the key constant across all 6 trials and randomly changed one bit in the plaintext. The average plaintext avalanche effect is calculated to be 57.82%. It demonstrates that the proposed algorithm effectively achieved the avalanche effect.

NIST testing

The National Institute of Standards and Technology (NIST) developed a test, which is essentially a statistical test for the randomness of binary sequences generated by cryptographic algorithms. Table 6 presents various statistical tests we conducted. The purpose of these tests is to assess the randomness of ciphertext; greater randomness implies greater security. For this, a P-value is computed. If the computed P-value is \(\mathrm {<}\)0.01, then the sequence is considered non-random, meaning it is not secure. Otherwise, the sequence is deemed random and secure.

Table 7 Time required for Brute Force Attack.

Table 8 Comparison of DynBlock execution time (s) with previous schemes.

Table 6 summarizes the results of NIST statistical testing for the DynBlock dynamic data encryption technique, evaluating its randomness and security through various statistical tests. Each statistical test assesses different aspects of the output data. For instance, the Frequency (Monobit) Test and the Frequency Test within a Block indicate that the distribution of bits is approximately equal, which is crucial for robust encryption; they yielded high p-values of 0.2482 and 0.6766, respectively, both accepted as meeting the criteria. The Runs test further confirmed that there are no significant patterns in sequences of identical bits, with a p-value of 0.4592. Notably, the test for the longest runs of ones produced a lower p-value of 0.0221, which was still accepted, indicating that the sequences of bits were managed. The Discrete Fourier Transform Test found no periodic patterns in the data with a p-value of 0.4267, while the Linear Complexity Test showed an appropriate level of complexity. The Serial Test and the Approximate Entropy Test further validated unpredictability in the output with p-values of 0.2459 and 0.2886, respectively. Lastly, the Cumulative Sums Test and the Random Excursions Test provided additional assurance of randomness in the output by yielding p-values that surpassed the 0.01 threshold. Overall, all conducted tests suggest that the DynBlock encryption method exhibits strong statistical randomness.

Figure 8

Throughput analysis vs trendline.

Figure 9

Data integrity and error rate analysis.

Table 9 Comparison of input and output difference pairs.

Round evaluation

Although we initially implemented and limited our scheme to 3 rounds, we performed additional evaluations by increasing the number of rounds from 3 to 5, as shown in Table 10. We provide a comparative analysis of both configurations in terms of entropy, avalanche effect, and randomness, using the NIST Statistical Test Suite. While 3-round ciphers offer performance benefits, modern cryptanalytic methods often require more rounds to ensure sufficient diffusion and resistance to attacks. Hence, we also evaluate the security implications of extending DynBlock to five rounds to ensure robustness without significantly impacting efficiency. Our analysis confirms that the 5-round DynBlock also achieves improved randomness and complexity while preserving the avalanche effect and maintaining high entropy. The results from the NIST Statistical Test Suite show enhanced performance in the 5-round configuration, especially in frequency and spectral analysis. These evaluations affirm that DynBlock with five rounds also provides a stronger resistance to modern cryptanalytic techniques without compromising its lightweight characteristics.

Table 10 Comparison of DynBlock-3 rounds and 5 rounds.

Table 11 Random excursions test results.

Table 12 Random excursions variant test results.

To strengthen our security evaluation, we included results from the Random Excursions Test and the Random Excursions Variant Test from the NIST Statistical Test Suite. The Random Excursions Test assesses how often a random walk visits various states. As shown in Table 11, all tested states produced high P-values (e.g., 0.8386, 0.9576), indicating no statistical irregularities. This confirms that the ciphertext behaves like a truly random sequence. The Random Excursions Variant Test checks the number of visits to specific states. As shown in Table 12, the observed counts and corresponding P-values (e.g., 0.9562, 0.9194, 1.0) all fall within acceptable ranges. This further validates the randomness of the output. These results support the conclusion that even with 3 rounds, DynBlock produces ciphertexts that pass rigorous randomness tests, offering reliable security while maintaining efficiency.

We run and test our encryption algorithm by inputting a plaintext message and a 64-bit secret key. Our algorithm processes the input and outputs a ciphertext in binary format, completing in 0.0182 seconds. To assess the quality of the encryption, the entropy of the ciphertext is calculated using a function (calc.Entropy), yielding a high value of 0.9978 bits, indicating strong randomness and good security properties. The test implementation is as follows:

In summary, both 3 and 5 rounds of DynBlock show strengths in different security metrics. While 5 rounds offer slight improvements in entropy, 3 rounds consistently perform better in key metrics like key avalanche effect, frequency-based NIST tests, and matrix rank tests. The difference in performance is particularly noticeable in several statistical tests, where 3 rounds show a more favorable outcome. Therefore, despite some small advantages for 5 rounds in specific areas, the overall performance favors 3 rounds, making it the preferred choice for maintaining security and efficiency.

Figure 10

Trade-off analysis: security levels vs time.

Figure 11

Encryption vs decryption time analysis.

Differential cryptanalysis

Differential cryptanalysis is one of the mostly used cryptanalysis methods for testing block cipher security. While resource-constrained cryptography specifically caters to capacity-limited environments, its cryptographic attributes are essential for secure transmission. Differential cryptanalysis takes advantage of the high probability of certain occurrences of input differences and output differences. Differential cryptanalysis is based on a chosen plaintext-ciphertext scenario where an attacker can access the ciphertext after selecting any plaintext as input to the cipher.

Table 9 illustrates differential cryptanalysis, highlighting the relationship between differences in input and corresponding differences in output. In differential cryptanalysis, the output difference is denoted as \(\Delta\)Y, as described in equation 4, and the input difference is denoted by \(\Delta\)X. This pair (\(\Delta\)X, \(\Delta\)Y) is known as a differential.

$$\begin{aligned} \Delta Y\ =\ Y\ \oplus \ Y' \end{aligned}$$

(4)

$$\begin{aligned} \ \ \ \ \ \ \ \ \ \ \Delta X\ =\ X\ \oplus \ X' \end{aligned}$$

(5)

To perform this analysis, we first choose an input difference \(\Delta\)X. Then, we generate a set of input pairs with the difference \(\Delta\)X, where the plaintext X is chosen. Using equation 5, we calculate to get the pair (X, X’), which has the difference \(\Delta\)X. After that, encrypt each pair and calculate the output difference using equation 4, and after that count the occurrence of each output difference \(\Delta\)Y and finally compute probabilities. DULBC²⁴ is a lightweight block cipher that is based on SPN and is a dynamic structure. Due to its dynamic structure, DULBC cannot enumerate all differential characteristic probabilities and has proven to be resistant to differential cryptanalysis. The frequency \(\Delta\)Y demonstrates that certain \(\Delta\)X do not alter specific bits. Each distinct output difference appears precisely once across the 16 pairs, indicating that the likelihood for any given output difference is 1/16. This proved that there is no direct correlation between input and output differences. Similarly, we design our proposed cipher, based on SPN and a completely dynamic structure, to withstand differential cryptanalysis.

Figure 8 presents the throughput analysis, showing how the throughput of DynBlock decreases as file size increases due to processing overhead. Despite this decline, the throughput remains high, demonstrating the cipher’s efficiency. The trendline further confirms the expected performance drop with increasing file size. Figure 9 examines data integrity and error rate, where the integrity rate remains close to 100%, indicating the reliability of DynBlock in preserving data correctness. Meanwhile, the error rate remains minimal but slightly increases for larger file sizes, which could be attributed to accumulated computational precision issues. Figure 10 explores the trade-off between security levels and time, showing that as the security level increases, encryption and decryption times also rise. However, the overall computational time remains relatively low, proving that DynBlock is optimized for performance even at higher security levels, making it suitable for resource-constrained environments.

Figure 11 compares encryption and decryption times across different file sizes. Both times increase linearly, demonstrating that DynBlock scales well with increasing data size. The encryption and decryption times remain nearly equal, highlighting balanced performance and ensuring minimal computational delay. Figure 13 provides insights into the performance trade-offs across different security levels. It shows that higher security levels lead to slightly increased encryption and decryption times, which is expected. However, the results confirm that DynBlock effectively balances security and performance, ensuring suitability for IoT/IIoT devices that require both efficiency and protection. Figure 14 further investigates the impact of data size on encryption and decryption times. The results indicate a near-linear increase in processing time as data size grows. This confirms that DynBlock is well-optimized for handling larger datasets without introducing significant overhead. Encryption and decryption times remain close, demonstrating minimal processing latency. Figure 12 demonstrates the avalanche effect of the proposed scheme and other lightweight cipher techniques.

Figure 12

Avalanche effect of Ciphers.

Linear cryptanalysis

Linear cryptanalysis computes probabilistic parity connections between ciphertext, selected bits of plaintext, and a secret key. Unlike differential cryptanalysis, which relies on a chosen plaintext attack, linear cryptanalysis is based on a known plaintext attack. The fundamental concept behind linear cryptanalysis involves deriving key information by computing a linear equation that consists of ciphertext, plaintext, and a secret key. So, this association should maintain a probability of 1/2 for a secure cipher. However, if an attacker finds a correlation with a bias \(\mathrm {\ne }\)0, it could potentially be exploited in an attack. We consider an example that demonstrates the resilience of our proposed cipher against linear cryptanalysis. In this example, we first input the plaintext and secret key into our proposed cipher, which subsequently produces the ciphertext. Now, the supposed attacker intercepted ciphertext during transmission and possesses some part of plaintext. If the attacker successfully inputs both the known plaintext and the intercepted ciphertext into the same cipher, and manages to drive the secret key or a portion of it, this indicates a weakness in the proposed cipher. Table 13 demonstrates that the proposed encryption method is resistant to Known Plaintext Attacks (KPA), meaning an attacker cannot easily guess the secret key just by knowing part of the plaintext and its encrypted version. This enhances the security of the proposed technique.

Table 13 Comparison of known plaintext attack (KPA) scenario.

Brute force attack

A brute force attack in encryption is a technique used by an attacker to decrypt a secret message by systematically trying all possible keys until the correct one is found. The hacker uses trial and error techniques to find the key. The objective of a brute force attack is to continue this process until potential combinations are exhausted and a correct match is found. However, the effectiveness of the attack depends on factors like key length, the total number of characters in the set, and computational speed. The following equation is used to estimate the time required for a brute force attack to succeed:

$$\begin{aligned} BFA\_Time=\frac{2^{Key\ length}}{Processor\ Speed\ (\frac{Instructions}{Second})} \end{aligned}$$

(6)

In the proposed DynBlock for a 128-bit symmetric key, there are 3.4 \(\times\) 10\(^{38}\) possible combinations, so there is a physical rationale supporting the computational security of a 128-bit symmetric key against brute force attacks. Table 7 provides results illustrating the time required for a brute force attack on a 128-bit symmetric key using a 2 GHz processor, which executes 2 \(\times\) 10\(^{9}\) instructions per second. Therefore, it can be approximated that 5.37 \(\times\) 10\(^{21}\) years would be necessary for exhaustively searching a 128-bit secret key using brute force attack techniques.

Empirical validation of Toffoli gate security contribution

To empirically validate the security impact of the Toffoli gate, a comprehensive set of statistical tests was conducted, comparing ciphertext outputs generated with and without the Toffoli gate in the final round. The configuration with the Toffoli gate achieves a near-random output distribution, whereas the configuration without it exhibits significant deviation, suggesting potential pattern leakage. The increase in entropy and favorable frequency test results demonstrate that the Toffoli gate meaningfully contributes to enhancing the cipher’s resistance to statistical cryptanalysis by improving bit-level randomness and reducing potential output predictability.

Table 14 Statistical analysis of binary ciphertext output with and without Toffoli Gate (flat sequence).

Table 15 Comparative analysis of ciphertext security metrics with and without Toffoli Gate.

A Z-score near 0 indicates ciphertext randomness (secure). A large \(|\text {Z}|\) suggests non-random patterns (insecure). Therefore, our proposed scheme with the Toffoli gate exhibits more statistically secure bit-level randomness. The flat sequence examination indicates that the ciphertext with the Toffoli Gate is fairly random, with a mean bit distribution close to 0.5 and a non-significant z-score (-1.56). In comparison, the ciphertext without the Toffoli Gate shows significant differences (z = 4.21), indicating a probable bias. This confirms the Toffoli gate’s contribution to improved statistical security.

We also conducted a statistical randomness and diffusion analysis. This evaluation focuses on the behavioral impact of the Toffoli gate on binary data transformations, particularly in terms of enhancing non-linearity, unpredictability, and entropy, which are crucial to security and resistance to cryptanalysis. We present both flat sequence analysis and grouped analysis to illustrate how the Toffoli gate impacts the statistical behavior of encrypted data, measured by metrics such as mean, standard deviation (STD), standard error of the mean (SEM), and 95% confidence intervals (CI). The rationale is that if the Toffoli gate contributes meaningfully to non-linearity, we should observe a varied distribution and deviation from uniform predictability in the transformed outputs.

Table 16 Comparison of frequency (monobit) test results with and without Toffoli Gate.

Statistical insights into ciphertext randomness

We perform a detailed statistical analysis of binary outputs with and without the Toffoli gate. We examine both flat sequences and grouped chunks of ciphertext to evaluate randomness and distribution balance. For flat sequences, the mean is 0.52 with a standard deviation of 0.5076, and a 95% confidence interval of [0.3801, 0.6599], indicating close-to-uniform distribution. Grouped chunk analysis shows varying means around 0.5, with all falling within acceptable confidence bounds. These fluctuations demonstrate strong diffusion and randomness in the output. We also plotted confidence intervals and Z-score distributions, which confirm that the output values are statistically balanced and unpredictable.

Table 17 Flat sequence analysis (all data combined).

Table 18 Grouped analysis (chunks of 10 elements).

Table 19 Statistical analysis for flat sequence.

Table 20 Statistical analysis for grouped chunks.

Balanced output

A cryptographic algorithm produces ciphertext with approximately equal numbers of 0’s and 1’s, known as a balanced output. We conducted the balanced output test on different samples generated by the proposed cipher. Table 21 illustrates that the cipher generated through our proposed method exhibits an approximate balance between 0’s and 1’s. A cipher with balanced output is generally regarded as stronger against linear attacks compared to others.

Table 21 Output for the balanced output of the proposed cipher.

The balanced output observed in DynBlock indicates that the ciphertexts produced exhibit an almost equal distribution of 0’s and 1’s. This is a crucial characteristic in modern encryption algorithms, as it plays a vital role in enhancing the security of the encrypted data. When the number of 0’s and 1’s are nearly identical, it becomes significantly more difficult to detect any patterns in the ciphertext, which is a fundamental requirement for robust encryption. If there were any noticeable imbalance in the number of 0’s and 1’s, it could potentially lead to weaknesses in the encryption, making it easier for an attacker to infer information about the original plaintext. The balanced distribution suggests that the DynBlock involves some form of randomization, such as in XOR-based ciphers or stream ciphers, which are specifically designed to eliminate any inherent bias in the output. DynBlock ensures that the output does not favor 0’s or 1’s over time, making it unpredictable.

Execution time

To conduct tests related to execution time, we utilized MATLAB, a multi-paradigm programming language. The system specifications used were an Intel(R) Core (TM) i7-1355U 1.70 GHz processor, 16.0 GB (15.7 GB usable) of DDR4 RAM, and a 64-bit operating system. Figure 7 and Table 8 present a comparison among various resource-constrained cryptographic algorithms, clearly demonstrating the efficiency of the DynBlock over other algorithms. We conducted tests on different sizes of text data: 64 bits, 1 kb, 49 kb, 256 kb, 512 kb, and 1 Mb, measuring execution time in seconds for both encryption and decryption.

Table 8 presents results of various methods including SLA, BORON, PRESENT, AES, 3DES, and a lightweight XOR-based cipher, each tested under specific system specifications. For small data sizes, such as 64 bits, DynBlock demonstrates very efficient encryption and decryption times, with a combined execution time of only 0.000295 seconds. This outperforms other schemes tested with similar data sizes, like SLA and BORON, indicating DynBlock’s suitability for lightweight encryption tasks. As the data size increases, DynBlock maintains competitive performance. For instance, at 49 KB, DynBlock achieves an execution time of 0.040253 seconds, which is significantly faster than AES and 3DES, which require 0.119 and 0.107 seconds, respectively, for the same data size on comparable hardware. When tested with larger data sizes, such as 1 MB, DynBlock remains efficient, with a total execution time of 0.91863 seconds, indicating that it scales well with the data size without a drastic increase in processing time. This performance is particularly notable when compared to the lightweight XOR-based cipher, which shows a much slower performance of 47.9 seconds for 34.5 KB, showcasing DynBlock’s effectiveness in handling large data sizes. In summary, DynBlock offers significantly improved speed in encryption and decryption across various data sizes compared to other encryption techniques, making it a promising candidate for applications requiring both lightweight and rapid encryption solutions for varying data sizes.

Figure 13

Performance trade-offs across security levels.

Figure 14

Impact of data sizes on encryption and decryption times.

Figure 15

Implementation of DynBlock on ModelSim-Session-1 .

Figure 16

Implementation of DynBlock on ModelSim-Session-2 .

Figure 17

ModelSim-DynBlock-Dataflow.

Analysis and validation of DynBlock hardware implementation using ModelSim

We implement the complete Verilog-based hardware design of DynBlock to validate its compatibility with digital hardware simulation environments. Due to financial constraints, we utilized ModelSim-SE-64 2020.4, a widely accepted industry-standard simulator, to verify the functional correctness and feasibility of the DynBlock encryption and decryption modules. We have implemented the DynBlock algorithm in Verilog as a set of lightweight and modular hardware components. Our hardware architecture comprises several key modules, including a key expansion unit for round-wise key generation, dynamic block division logic supporting flexible block sizes, bitwise XOR and dynamic substitution layers to introduce confusion, a cyclic shift unit for data diffusion, and a dynamic permutation module to enhance structural complexity. These modules have been integrated into a top-level encryption module, with a fully developed testbench to validate functional behavior. All modules were implemented, synthesized, and tested using ModelSim-SE-64 2020.4, with 128-bit plaintext and secret key inputs. We verified the correctness of the encryption pipeline under various configurations, including 3-round and 5-round operations, demonstrating consistent and expected output behavior. Our implementation deliberately avoids computationally intensive operations such as modular arithmetic and instead leverages lightweight logic (e.g., XORs and shifts), enhancing efficiency and making the design more suitable for low-power or embedded systems.

Below given output shows the successful compilation of Verilog modules in ModelSim using the vlog command for the DynBlock encryption and decryption system. All core modules, including the testbench, were compiled without errors, indicating readiness for simulation.

Conclusion

In this paper, a new lightweight dynamic block cipher ‘DynBlock’ is introduced based on an SPN designed to address the challenges faced by the completely static structure. With a dynamic block size ranging from 64-128 bits and a calculation based on a secret key (64-128 bits), the DynBlock offers a completely dynamic cipher structure (permutation, substitution, block size, and key size), thereby enhancing security compared to static alternatives. Through rigorous testing, including the avalanche effect, linear and differential cryptanalysis, NIST testing, and other security assessments, the DynBlock is found to have robust security properties. Furthermore, the proposed DynBlock is not only secure, but also incredibly fast, taking significantly less time than other lightweight block ciphers to both encrypt and decrypt data. This was made possible by reducing its structure to just three rounds and adding a Toffoli gate. We evaluate DynBlock using both 3 and 5 rounds to assess security and efficiency. While 5 rounds enhance resistance to cryptanalysis, the 3-round version already provides strong security, exhibiting high entropy and a strong avalanche effect, making it ideal for resource-constrained environments. Furthermore, the proposed algorithm does not use any traditional substitution or permutation boxes. Overall, the proposed DynBlock presented a promising solution for securing resource-constrained devices without compromising on efficiency, rendering it a feasible choice for real-world deployments across diverse applications.