Super Encryption Standard (SES): A Key-Dependent Block Cipher for Image Encryption

Abstract

Data encryption is a core mechanism in modern security services for protecting confidential data at rest and in transit. This work introduces the Super Encryption Standard (SES), a symmetric block cipher that follows the overall workflow of the Advanced Encryption Standard (AES) but adopts a key-dependent design to enlarge the effective key space and improve execution efficiency. The SES accepts a user-supplied key file and a selectable block dimension, from which it derives per-block round material and a dynamic substitution box generated using SHA-512. Each round relies only on XOR and a conditional half-byte swap driven by key-derived row and column vectors, enabling lightweight diffusion and confusion with low implementation cost. Experimental evaluation using multiple color images of different sizes shows that the proposed SES algorithm achieves faster encryption than the AES baseline and produces a ciphertext that behaves statistically like random noise. The encrypted images exhibit very low correlation between adjacent pixels, strong sensitivity to even minor changes in the plaintext and in the key, and resistance to standard statistical and differential attacks. Analysis of the SES substitution box also indicates favorable differential and linear properties that are comparable to those of the AES. The SES further supports a very wide key range, scaling well beyond typical fixed-length keys, which substantially increases brute-force difficulty. Therefore, the SES is a promising cipher for image encryption and related data-protection applications.

1. Introduction

The increasing use of computer systems to store and transmit data has led to the problem of vulnerability to confidential data breaches. Since user data usually contains confidential and personal information, it becomes necessary to protect the user’s data against various malicious attacks, such as avoiding data loss and ensuring data integrity. Several techniques, such as steganography [1,2], watermarking [3,4], and encryption [5,6], are currently appropriate to ensure a high level of security of confidential data, especially medical images, which are highly sensitive and often targeted by cyberattacks. Steganography allows secret data to be hidden within innocuous files, while watermarking ensures the authenticity and ownership of the data, and encryption secures the data against unauthorized access during storage and transmission. Encryption techniques are primarily used to protect data both at rest and in transit, providing a robust mechanism to defend confidential information over public networks from a variety of malicious attacks [7,8]. These techniques are especially critical in healthcare, financial, and government sectors, where data breaches can lead to severe consequences, including financial loss, legal penalties, and privacy violations.

Among these techniques, image encryption has emerged as a critical tool for securing visual data in areas such as healthcare, surveillance, and multimedia applications [9]. Images, unlike textual data, contain large amounts of correlated and structured information, making them particularly vulnerable if traditional encryption is applied without adaptation. Image encryption algorithms, including classical symmetric ciphers such as AES, DES, and Blowfish, as well as chaos-based and transform-domain methods like Discrete Cosine Transform (DCT) based encryption, provide tailored mechanisms to protect pixel values, reduce perceptible patterns, and enhance confidentiality [10,11]. These approaches focus on achieving high diffusion and confusion, ensuring that encrypted images are resilient to differential, brute-force, and statistical attacks. By integrating image-specific encryption techniques with general-purpose encryption, the overall data protection framework is strengthened, particularly for highly sensitive datasets such as medical imaging and biometric records.

Any encryption system consists of two basic components: an encryption algorithm and encryption keys [12]. Currently, the available cipher schemes are categorized into two types: symmetric cipher systems, which use the same secret key for both encryption and decryption [13,14,15], and asymmetric cipher schemes, which use two different keys, one for encryption (the public key) and one for decryption (the private key) [13]. Symmetric encryption is faster and achieves a sufficient level of security, but suffers from the problem of secure key distribution, which is critical when the data needs to be shared across multiple users or systems [16,17,18]. Asymmetric encryption, on the other hand, is slower and computationally more expensive, but effectively solves the key distribution problem by allowing secure communication without the need to exchange the secret key [19]. Nevertheless, attackers may attempt to exploit the mathematical relationship between the key pair to compromise the security of the encryption system, which necessitates ongoing research into more robust key generation and encryption schemes.

No matter how difficult and complex the encryption algorithm is, it is usually publicly available, as transparency in algorithm design allows for peer review and evaluation of security strength. Therefore, the most important factor in the strength of the encryption algorithm is the encryption key used, which is the only secret component in the system. Researchers are constantly exploring innovative ways to generate keys that are strong, unpredictable, and resistant to attacks such as brute-force or cryptanalysis. The two characteristics that determine the strength of a key are its randomness and the size of the key space, as larger and more random keys significantly increase the difficulty for attackers attempting unauthorized access. Advances in key generation techniques, such as pseudorandom number generators and chaotic sequences, are often employed to enhance the resilience of encryption systems.

On the other hand, the two main operations that all encryption systems perform are substitution and transposition, which are used to generate the necessary diffusion and confusion effects in the encrypted data, ensuring that patterns in the plaintext cannot be easily detected in the ciphertext. The developed encryption algorithms adopt different methods to implement these two operations, with the aim of achieving the highest protection for the data while also reducing encryption time and computational complexity. Optimizing these operations not only enhances security but also ensures that encryption can be applied to large datasets or real-time systems without significant performance degradation.

Some of the encryption algorithms developed have proven strong enough to be adopted for use in various areas of data protection. Examples of such algorithms are Data Encryption Standards (DES and 3DES), AES, Blowfish, Twofish, RC4, etc. Among these, AES is considered the most powerful and widely recommended due to its combination of speed, security, and adaptability to various applications [20]. AES has proven to be highly resistant to attacks such as differential and linear cryptanalysis. However, it is only a matter of time until attackers develop new techniques capable of compromising AES, which underscores the ongoing responsibility of researchers to develop new encryption algorithms that offer additional security properties and better performance to counter evolving threats.

Accordingly, in this work, the SES encryption algorithm was developed to achieve a high level of data protection by considering the key factors that contribute to a strong encryption system. SES incorporates a large key size to enhance resistance against brute-force attacks, reduces encryption time to improve computational efficiency, and produces a high level of distortion in the encrypted data to increase resistance against cryptanalysis. In addition, other performance and security factors, such as avalanche effect, key sensitivity, and resistance to common attacks, were tested and evaluated in the “Experiments and Performance Tests” section to ensure the algorithm’s robustness.

The objectives of this work are: (1) to design a secure and efficient encryption algorithm that maximizes data protection; (2) to develop a key generation method that produces highly random and robust keys; (3) to implement optimized substitution and transposition operations that achieve high diffusion and confusion; (4) to evaluate the performance of the proposed algorithm in terms of encryption time, distortion, and security strength; and (5) to provide a scalable solution suitable for various sensitive data applications, particularly in medical and personal information systems.

The novelty of the SES encryption algorithm lies in its comprehensive approach to enhancing both security and efficiency. Unlike conventional algorithms that may compromise between speed and security, SES integrates robust key generation, optimized substitution and transposition mechanisms, and rapid encryption processing. Experimental results show that SES produces high distortion in encrypted data, resists common cryptanalytic attacks, and outperforms existing algorithms in terms of both security and computational efficiency. This makes SES a practical and reliable solution for protecting sensitive information in modern computing environments, addressing emerging threats while maintaining operational performance.

The rest of the paper is organized as follows. Section 2 spotlights relevant related work in the literature, highlighting the strengths and limitations of existing encryption techniques. Section 3 explains the design and methodology of the proposed SES encryption algorithm. Section 4 describes the implementation of SES, presents the performance evaluation metrics during the experiments, and discusses the recorded results in detail. Finally, Section 5 concludes this work and provides recommendations for future improvements and potential applications of the SES algorithm.

2. Related Work

Since the AES algorithm has a set of fixed parameters that are publicly known, it has become a frequent target for various cryptanalysis attacks, some of which have successfully revealed vulnerabilities in its structure. Many researchers have therefore focused on analyzing, optimizing, and enhancing AES to improve its speed, security, and efficiency across different computational environments.

The performance of the AES depends mainly on speed, space, and power [21]. The S-Box, in particular, plays a crucial role in these aspects. A novel S-Box architecture proposed in [9] was designed to be extremely low power, strongly parallel, and highly space-efficient. The comparison results showed that the proposed architecture excelled in power, speed, and space performance, consuming only 1.57 mW compared to the 7.98–503.9 mW range of existing designs. Through pipelining, the design achieved a throughput of 3.2 Gbps and reduced the critical path delay to 0.6 ns for a 16-byte process using 66–1056 gate equivalents, compared to traditional implementations requiring up to 1920 GE.

To enhance resistance against brute-force and cryptanalysis attacks, ref. [22] introduced the Secure Feedback Encryption Method (SeFEM), integrating three security schemes: sequential logical encryption/decryption, logical operations (XOR, binary adder, and exclusive-AND), and a dynamic S-box. SeFEM uses 11 independent keys, unlike AES and DES, which rely on a single key, significantly improving brute-force resistance. Experimental results demonstrated higher security, efficiency, and flexibility in cloud file encryption, reducing computation time and resource consumption—making it well-suited for mobile and cloud environments.

In [23], the authors investigated whether the S-box of AES could be replaced with a secret S-box while reducing the number of encryption rounds. Using integral cryptanalysis, they demonstrated that it is possible to recover both the secret key and the secret S-box for different AES rounds. Attacks on the 4th and 5th rounds of AES showed that chosen ciphertext attacks had significantly lower time complexity compared to chosen plaintext attacks. The use of a secret S-box expanded the key space from 128 to 256 bits to 1812–1940 bits, significantly increasing resistance to brute-force attacks. Despite this increase, integral cryptanalysis was still feasible up to six rounds, with a time complexity of 2^90, much smaller than the exhaustive 2^128 key search.

To reduce computational complexity, ref. [24] redesigned the MixColumn transformation, achieving 10.93% hardware improvement, 13.6% lookup table optimization, and 1.19% delay reduction compared to the traditional approach. Similarly, ref. [25] replaced the MixColumn function with a 6-order magic square, reducing encryption time by 45.9% (33 ms vs. 61 ms for the Lena image) and improving diffusion and randomness, with NPCR = 99.99% and a linear complexity test improvement from 0.211 to 0.999. Another modification was suggested in [26], where Bit Permutation was used instead of MixColumns, resulting in encryption that was 100–1000 ms faster, with CPU utilization reduced by 1–3%, and an avalanche effect increase from 54.69% to 64.01%.

To further improve nonlinearity and confusion, ref. [27] proposed a key-dependent dynamic S-Box, which adapts its substitution values based on the encryption key. This dynamic behavior increases the unpredictability of the cipher and significantly strengthens resistance against linear and differential cryptanalysis, achieving a 22.5% improvement in Hamming distance compared to the standard AES S-Box. In a related study, ref. [28] enhanced the SubBytes and ShiftRows transformations by making SubBytes round key-dependent and randomizing ShiftRows. These modifications amplified diffusion, as reflected by the avalanche effect increase from 50.78% to 57.81%, meaning a small change in the plaintext affects a larger portion of the ciphertext. Importantly, these improvements were achieved with only a minor increase in encryption time, demonstrating that security enhancements can be obtained without significant performance trade-offs.

A cascading AES-AES approach was proposed in [29], in which the number of encryption rounds was reduced from ten to five, and the MixColumn operation was omitted twice. This modification significantly decreased the computational complexity from 2⁴⁸ to 2¹⁶, effectively halving the encryption time per data block while maintaining acceptable security levels. This strategy demonstrates how careful restructuring of AES operations can achieve substantial performance gains without drastically compromising cryptographic strength. Likewise, ref. [30] introduced an optimized AES implementation using a (2 × 256) byte lookup table instead of the conventional four-table design. This approach drastically reduces memory requirements by 0.28–2.50× and enhances processing speed by up to 1.43×, making it particularly suitable for resource-constrained environments, such as IoT devices and embedded systems, where both speed and memory efficiency are critical. These improvements underscore the importance of implementation-level optimizations alongside algorithmic modifications in achieving practical, high-performance AES encryption.

Further improvements focused on enhancing the Substitution Box (S-Box), a critical component for AES security and performance. In [31], an optimized S-Box employing a modified affine transformation was proposed, which reduced the time required to generate substitution values from 40 μs to 31 μs, resulting in a 25% improvement in encryption speed for files ranging from 1 KB to 10 KB. This demonstrates that structural optimizations of the S-Box can substantially enhance AES efficiency without compromising security. In a complementary approach, Farwa et al. [32] designed a novel S-Box based on a fractional linear transformation over GF (2⁸). Their design not only simplified computation but also significantly strengthened cryptographic properties, achieving a strict avalanche criterion (SAC) of 0.5058 and a bit independence criterion (BIC) of 112, outperforming the standard AES S-Box as well as other widely used S-Boxes such as APA and Gray. These results indicate a robust increase in confusion and resistance to linear and differential attacks, making the proposed S-Box highly suitable for lightweight and secure encryption systems.

To address the high processing complexity of nonlinear S-Box operations, Ming et al. [33] added a secure and highly efficient masking scheme using linear operations to reduce the cost of masked S-boxes in AES. The recorded results showed that no exploitable leaks were detected in the first-order side channel. The combined approach is also about 25% faster and at least 70% more efficient.

A modification of AES has been proposed by Basu et al. [34] to encrypt high-definition (HD) Images. The researchers used the genetic approach in the S-Box generation and key expansion processes. The modified AES algorithm using GAs was relatively more resistant against differential and side-channel attacks through the evolved S-Box presenting higher nonlinearity and a lower order of transparency. Genetic operations (crossover and mutation) used during the key generation process replaced the traditional XOR operation, thereby making the key generation process more random and unpredictable to any attacker. The encrypted results have shown a very uniform histogram distribution in the ciphered images, which reduces the statistical similarity with the original image and improves the diffusion and confusion properties.

Finally, the parameters of the AES algorithm play a crucial role in protecting against attacks. Seghier et al. [35] proposed a new version of AES by replacing the original S-Box with a cube of six exchangeable S-Boxes generated from different irreducible polynomials that are selected dynamically depending on the encryption key. The proposed modified AES involves a cube with 6 interchanging S-Boxes, generated using different key-dependent irreducible polynomials. This increases the number of combinations of used S-Boxes for each block encryption round to as high as 4.34 × 10³⁷ for 10 rounds, 1.02 × 10⁴⁴ for 12 rounds, and 2.41 × 10⁵⁰ for 14 rounds. The nonlinearity, differential uniformity, and algebraic degree remain invariant at 112, 4, and 7, respectively, while resistance against linear and differential attacks is improved by the dynamic change in S-boxes. At modified AES, it was somewhat superior to standard AES in the correlation coefficient tests 0.070609 vs. 0.070844, SAC, and linearity span test 0.50630 vs. 0.49489. This depicts that the diffusion and confusion properties are improved, and hence, more resistant to attacks.

The reviewed literature reflects a progressive evolution in AES optimization strategies, emphasizing dynamic S-Box design, lightweight implementation, and enhanced resistance to advanced cryptanalysis. While these approaches have achieved notable improvements in speed, efficiency, and security, most existing studies focus on isolated aspects such as S-Box design or implementation optimizations, leaving a gap in addressing key generation, diffusion, and overall encryption efficiency simultaneously. This gap highlights the need for encryption schemes that balance robust security with computational performance across all critical components. Motivated by these insights, this work introduces the SES encryption algorithm, designed to provide high security, reduced encryption time, and strong data distortion, thereby addressing the current limitations in AES-based encryption methods and advancing the state-of-the-art.

3. Proposed Algorithm

Although the proposed encryption algorithm tries to simulate the main operations used in the AES. However, the work involved analyzing every operation used in AES and trying to replace it with a more efficient one. Operations in SES take place in two stages: the preparation stage and the encryption stage. In this work, digital images were initially selected to test and evaluate the proposed encryption algorithm. In the future, the proposed algorithm will be applied to other types of data.

3.1. Preparation Stage

The user of SES needs:

• Enter the source digital image S that will be encrypted with SES to produce an encrypted image E. S is an image with dimension n × m, where n is the width of the image in pixels, m is the height of the image in pixels and each pixel is represented as a vector of three bytes/colors (Red, Green, and Blue) as shown in Figure 1.

SES treats S as a string of bytes by reading the pixel values in S raw by raw. S = [(S₀, S₁, S₂), (S₃, S₄, S₅), …) as shown in Figure 1. The size of the image S_Size is calculated using Equation (1).

$$S_{Size}=\mathrm{W}\mathrm{i}\mathrm{d}\mathrm{t}\mathrm{h}\times \mathrm{H}\mathrm{e}\mathrm{i}\mathrm{g}\mathrm{h}\mathrm{t}\times \mathrm{P}\mathrm{a}\mathrm{l}\mathrm{e}\mathrm{t}\mathrm{t}\mathrm{e}$$

(1)

where Width and Height are the width and height of the S, and Palette = 3 represents the three-color channels (Red, Green, and Blue).

2.

Enter a digital file of any type to use it as a key K. K_Size represents the size (in bytes) of the K. The secure utilization of SES requires a safe sharing mechanism for key file K between the sender and receiver. The exchange of key file K can be accomplished through public key encryption methods, including RSA or ECC, or by utilizing Diffie–Hellman protocols to establish shared keys between parties. Secure key transfer may be accomplished by adding timestamp and nonce values and signature features to the key file, which guarantees authentication and tamper resistance and protects confidentiality.

3.

Specify the dimension D of the data block. Where D is one of seven choices: (4 × 4, 8 × 8, 16 × 16, 32 × 32, 64 × 64, 128 × 128, 256 × 256).

SES performs a transposition operation that changes the location of each byte to a new random location, and this operation is performed on bytes in S and K. The seed value of the pseudo-random generation algorithm used in SES is calculated using Equations (2) and (3).

$$HV=SHA512\left(K\right)$$

(2)

$${Seed}_V={XOR}_{b=0}^{63}\left({HV}_{byte}\left(b\right)\times b\right)$$

(3)

Implementing transposition operations helps make SES very sensitive to any small changes that may occur in any byte in K. The dependency of the calculated value of Seed_V on the byte values in K makes the random locations generated for all bytes in S and K completely different when K is changed.

A set of data structures is created to facilitate the implementation of the SES. These data structures are described here:

• SBox: represents a two-dimensional block (16 × 16) containing non-repeating values between (0…FF)₁₆ distributed randomly in the SBox. The seed value Seed_v of the pseudo-random generation algorithm is used here to distribute the values in SBox. This means that the generated SBox will differ based on the initial key K. The pseudo-random generation of the SBox in SES ensures that substitution layers are dynamic, adding a layer of unpredictability compared to AES’s static S-Box. The process uses a secure random number generator to construct S-Boxes that satisfy cryptographic properties like high nonlinearity and differential uniformity. Figure 2 shows an example of an SBox, where the numbers in each cell are represented in the hexadecimal number system.

2.

DataBlocks (DB): represents a set of two-dimensional blocks (D × D) containing the bytes of the source image S. Where the number of these block NoDataBlocks (NDB) is calculated using Equation (4). Figure 3 shows an example of a DB with dimensions (4 × 4). The numbers in the cells are represented in the hexadecimal number system.

$$NDB=S_{Size}/(D\times D)$$

(4)

3.

KeyBlocks (KB): represents a set of two-dimensional blocks (D × D) containing the bytes of the key K. In SES, encrypting each block in DB needs a different block in KB. So, the number of blocks NoKeyBlocks (NKB) in KB is the same as that of NDB. The first block KB₀ of the KB is filled by sequentially reading the necessary bytes from K and filling them into KB₀. The key generation process, as shown in Algorithm 1, successively generates the remaining blocks of the KB. Figure 4 shows an example of a KB with dimensions (4 × 4).

Algorithm 1: Key Generation Process

For (b: 1 … NKB1)     For (r: 0 … D − 1)      For (c: 0 … D − 1)       Row = Left (KBb−1 (r, c))       Column = Right (KBb−1 (r, c))    KBb (r, c) = SBox (Row, Column)    KBb (r, c) = KBb (r, c) XOR KBb−1 (r, c)

Where Left (KB_b−1 (r, c)) and Right (KB_b−1 (r, c)) represent the left and right half of a byte in KB_b−1 (r, c) as shown in Figure 5 as an example, where Left = (1101)₂ = (13)₁₀ and Right = (0110)₂ = (6)₁₀.

4.

RowVector (RV): for each KB_b, an RV_b is generated that is a vector containing D elements, each RV_b (j) element at index j (where j: 0 … D1) has a value that is calculated by performing an XOR operation between the values in row j in KB_b using Equation (5). Figure 6 shows an example of an RV.

$${RV}_b\left(j\right)=\left[{XOR}_{k=0}^{D-1}{KB}_b\left(j,k\right)\right]mod D$$

(5)

5.

ColumnVector (CV): for each KB_b, a CV_b is generated that is a vector containing D elements, each CV_b (j) element at index j (where j: 0 … D − 1) has a value that is calculated by performing an XORring operation between the values in column j in KB_b using Equation (6). Figure 6 shows an example of a CV.

$${CV}_b\left(j\right)=\left[{XOR}_{k=0}^{D-1}{KB}_b\left(k,j\right)\right]mod D$$

(6)

3.2. Encryption Stage

The encryption stage consists of two main operations performed to encrypt the source image S and generate the encrypted image E.

• The XOR Operation

The XORing operation is performed between the value of each element in DB_b and the value of the corresponding element in KB_b. Algorithm 2 below illustrates how the XOR operation is carried out.

Algorithm 2: XOR Operation

For (b: 0 … NDB − 1)     For (r: 0 … D − 1)      For (c: 0 … D − 1)    DBb (r, c) = DBb (r, c) XOR KBb (r, c)

2.

The Swap Operation

The swap operation between the two halves of a byte in the element DB_b (r, c) is performed only when the RV_b (r) = CV_b (c). Algorithm 3 below illustrates how the swap operation is carried out.

Algorithm 3: Swap Operation

For (b: 0 … NDB − 1)     For (r: 0 … D − 1)      For (c: 0 … D − 1)       If (RVb(r) = CVb(c))     DBb (r, c) = Swap (Left (DBb (r, c)), Right (DBb (r, c)))

The SES algorithm only uses logical operators (XOR and Swap) in the encryption phase. The logical operations take less execution time than the arithmetic operations. This will reduce the time required to perform the encryption process.

Upon completion of the operations in the encryption stage, the required confusion and diffusion effects will occur in the source image S, and the encrypted image E will be produced.

3.3. Design Rationale

The components of SES are arranged to maximize diffusion and key sensitivity. The conditional half-byte swap is used to introduce position-level variability: depending on the values of the round parameters, the high and low nibbles of each byte are permuted differently. This mechanism diversifies the internal state and accelerates round-level diffusion, ensuring that small byte differences propagate across multiple positions after a few rounds.

SES employs a key-dependent S-box generated from pseudo-random processes seeded with key material. Because the S-box is not fixed across all keys, classical fixed-S-box metrics such as nonlinearity or differential uniformity are not uniformly meaningful. As commonly noted in the literature on key-dependent substitution layers, these metrics cannot be generalized when each session uses a unique S-box, and attackers cannot precompute or reuse structural properties. The primary security benefit comes from the unpredictability and non-reusability of the S-box for any given key. The interaction between the dynamic S-box, XOR mixing with key blocks, and the conditional nibble permutation creates a nonlinear and key-dependent round transformation that complicates differential and linear decomposition attempts. This design increases key sensitivity and prevents straightforward structural cryptanalysis across multiple keys.

4. Experimental Results and Evaluation

Many experiments conducted to evaluate and compare the proposed SES encryption algorithm to the AES algorithm using several metrics, such as key space (Brute force attack), statistical and visual tests, encryption execution time, avalanche effect, correlation analysis, Normalized Mean Absolute Error (NMAE), Peak Signal-to-Noise Ratio (PSNR), information entropy, Number of Changing Pixel Rate (NPCR), the Unified averaged Changed Intensity (UACI), S-Box randomization, differential and linear cryptanalysis of S-Box [36,37,38].

Several different images of different sizes were used in the experiments. Figure 7 depicts some of these images. The results of some of these tests are listed and discussed in the subsections below.

4.1. Key Size and Key Space

The key length (usually measured in bits) and the randomness of the encryption key used affect the success or failure of a brute-force attack. Using a larger key length increases the time it takes attackers to crack the key, and the randomness of the key makes it more difficult to guess the key.

While the AES algorithm uses a maximum encryption key size of 256 bits, the proposed SES algorithm gives the ability to use different sizes of encryption keys ranging from (4 × 4) bytes to (256 × 256) bytes, as mentioned earlier. Therefore, we can calculate the key size (in bits) used in SES using Equation (7).

$${KeySize}_{bit}=(D\times D)\times 8$$

(7)

This means that the range of the key size (in bits) used in SES is from 128 bits to 524,288 bits. The key size in SES is large compared to the key size used in the AES algorithm; this key size makes it difficult to be cracked by attackers using brute force attacks.

Table 1. Key size and key space for the AES and SES algorithms.

Encryption Algorithm	Encryption Key
	Key Size (Bits)	Key Space
AES	256	2256
SES	${KeySize}_{bit}$	>$2^{{KeySize}_{bit}}$

shows the key size and the key space for the AES and SES algorithms, where ${KeySize}_{bit}$ is defined in Equation (7).

The robustness of SES is in its larger key size, which exponentially increases resistance to brute-force attacks. The key size follows state-of-the-art practices for ensuring data protection against current computational capabilities.

4.2. Visual and Statistical Tests

One of the main goals of any proposed image encryption algorithm is to achieve a high level of diffusion and confusion effects in the encrypted image [20]. Diffusion and confusion effects will prevent attackers from guessing the nature of the source image. SES aligns with the principles of confusion and diffusion as per Shannon’s criteria. Additionally, SES introduces enhanced substitution-permutation operations, ensuring higher diffusion and confusion levels compared to AES. Figure 8 shows the success of SES in achieving a high level of distortion in the generated encrypted images using different key sizes.

Attackers typically try to obtain information about the distribution of colors/bytes intensity in an image using statistical analysis of the image’s histogram. All developed image encryption algorithms aim to achieve a high degree of flatness in the color/byte histogram to provide encrypted images with a high level of protection against statistical analysis attacks. Figure 9 shows the histograms of the source images in Figure 7 and the encrypted images in Figure 8 using the SES and AES algorithms.

4.3. Encryption Execution Time

The efficiency of the encryption algorithm depends on the speed of the encryption process; the shorter the encryption time, the more efficient the encryption algorithm [39,40]. In this version, we used the standard AES implementation available in C#, which does not explicitly confirm hardware AES-NI usage. We plan to extend the performance evaluation using AES-NI-enabled implementations (e.g., OpenSSL or Intel’s AES-NI intrinsic functions) in future work to ensure a fair and realistic performance comparison.

Table 2. Encryption time for the SES and AES algorithms.

Image	Encryption Time ET (s)
	SES	AES
Baboon	0.441	0.614
Lena	0.120	0.352
Pepper	0.431	0.61
Minaret	0.139	0.152
Sea	0.781	1.252
Ship	1.149	2.2
Average	0.510	0.863

lists the encryption times that were recorded during the experiments to encrypt the same images using the SES and AES algorithms.

The average value in Table 2 shows that the SES algorithm outperforms the AES algorithm.

4.4. Avalanche Effect

The avalanche effect is a numerical and visual test used to determine the response of an encryption algorithm to any minor changes in its coefficients. The primary objective is to create an encryption algorithm with high responsiveness, which means that even the slightest modification in the key or the source data will cause significant changes in the encrypted data. In the experiments, different numbers of bits in the encryption key were changed, and the effects of these changes on the resulting encrypted image and the recovered source image were calculated.

4.4.1. The Resulting Changes in the Encrypted Image

The numerical value reflecting the avalanche effect (A) is calculated using Equation (8). This equation gives the percentage of the total bits in the encrypted image that change when a small number of bits are changed in the encryption key [36].

$$A={\displaystyle \frac{Number of changed bits in key used}{Total number of bits in encryp image}}\times 100$$

(8)

The avalanche test was conducted by changing a different number of bits in the encryption key.

Table 3. Recorded values of the avalanche effect for the images in Figure 5.

Image	Number of Bits Changed in the Encryption Key (%)
	1 Bit	3 Bits	8 Bits
Baboon	49.980	50.026	50.239
Lena	50.047	50.130	50.142
Pepper	50.041	50.199	50.210
Minaret	50.450	50.464	50.571
Sea	50.066	50.075	50.093
Ship	49.998	50.012	50.025

shows the recorded values of the avalanche effect for the images in Figure 5 upon changing 1-bit, 3-bit, and 8-bit.

In Table 3, it is clear that small changes in the source image or key bits affect the encrypted image. SES achieves an avalanche effect exceeding the 50% standard, confirming strong diffusion properties.

4.4.2. The Resulting Changes in the Recovered Source Image

Another type of test, the visual test of the avalanche effect, can be performed on the recovered source image. When small changes are made in the bits of the encryption key, a completely different source image will be recovered. This recovered image does not contain any useful information that attackers can use to find the source image.

This test quantifies SES’s response to single-bit changes in the key, with results showing significant encrypted image variability, ensuring resistance to brute-force attacks. Figure 10 shows the recovered images after changing a different number of bits in the encryption key for the images shown in Figure 8.

It is clear from the retrieved source images in Figure 10 that the SES algorithm is sensitive to the avalanche effect.

4.5. Correlation Analysis

The distortion effects that appear in the encrypted image will reduce the relationship between adjacent pixels in the encrypted image. Achieving the minimum correlation between adjacent pixels in the encrypted image makes the encryption algorithm more efficient. Equation (9) is used to calculate the correlation between two adjacent pixels.

$$C={\displaystyle \frac{N{\sum }_{j=1}^N\left(X_j\times Y_j\right)-{\sum }_{j=1}^N{X}_j\times {\sum }_{j=1}^N{Y}_j}{\sqrt{\left(N{\sum }_{j=1}^N{X}_j^2-{\left({\sum }_{j=1}^N{X}_j\right)}^2\right)\times \left(N{\sum }_{j=1}^N{Y}_j^2-{\left({\sum }_{j=1}^N{Y}_j\right)}^2\right)}}}$$

(9)

We can randomly select N pairs of adjacent pixels in the vertical, horizontal, diagonal, and anti-diagonal orientations (about 4000 pairs of pixels were selected for each image in experiments), X and Y are the color values of two adjacent pixels in the encrypted image. The calculated correlation values for the SES and AES algorithms in the horizontal, vertical, diagonal, and anti-diagonal orientations are listed in

Table 4. Correlation values for the SES and AES algorithms.

Image	H		V		D		A
	SES	AES	SES	AES	SES	AES	SES	AES
Baboon	0.007	0.007	0.012	0.018	0.015	0.02	0.007	0.007
Lena	0.009	0.005	0.016	0.014	0.034	0.032	0.016	0.02
Pepper	0.004	0.002	0.002	0.003	0.024	0.03	0.018	0.018
Minaret	0.032	0.038	0.002	0.003	0.01	0.012	0.021	0.049
Sea	0.004	0.045	0.009	0.029	0.021	0.027	0.019	0.016
Ship	0.005	0.009	0.032	0.037	0.01	0.015	0.012	0.012
Average	0.010	0.018	0.012	0.017	0.019	0.023	0.016	0.020

H: Horizontal, V: Vertical, D: Diagonal, and A: Anti-diagonal.

.

When reading Table 4, we notice that the average value of the recorded correlation values for the SES algorithm is better than the AES algorithm. The results from the correlation tests confirm the randomness of SES-encrypted images.

4.6. NMAE and PSNR Metrics

The amount of distortion produced in the encrypted images can be determined numerically using the normalized mean absolute error NMAE and peak signal-to-noise ratio PSNR. Equations (10) and (11) are used to calculate these two metrics, respectively [26].

$$NMAE={\displaystyle \frac{\sum _{k=0}^{S_{Size}-1}\left|S\left(k\right)-E\left(k\right)\right|}{S_{Size}}}\times 100$$

(10)

$${PSNR}_{db}=10.{\mathit{log}}_{10}\left({\displaystyle \frac{{Max}_S^2}{NMAE}}\right)$$

(11)

where S and E are the source and encrypted images, and Max_S is the maximum possible pixel value of S.

The average values of the NMAE and PSNR in

Table 5. NMAE and PSNR values for the SES and AES algorithms.

Image	NMAE (%)		PSNR (db)
	SES	AES	SES	AES
Baboon	72.12	68.76	6.80	7.30
Lena	65.63	63.19	7.32	7.67
Pepper	90.50	89.39	6.22	6.40
Minaret	67.46	62.99	8.78	8.53
Sea	66.99	63.94	7.52	7.32
Ship	93.52	89.06	4.85	4.81
Average	76.037	72.888	6.915	7.005

prove that the SES algorithm is ahead of the AES algorithm in producing more distortion in the generated encrypted images.

4.7. Information Entropy

The information entropy of any image is the property of randomness in the image data. Entropy refers to the expected amount of randomness of information that can be obtained from the image data. It is difficult for attackers to predict the content of an image when the information entropy of the image is high. Equation (12) is used to calculate the information entropy [9,41].

$$Entropy=-{\sum }_{i=1}^n{P}_i.{\mathrm{l}\mathrm{o}\mathrm{g}}_2(P_i)$$

(12)

where n is the number of different values in the image data, and P_i is the probability of occurrence of each data value.

The average entropy value for the SES algorithm in

Table 6. Entropy values for the SES and AES algorithms.

Image	Entropy
	Source Image	Encrypted Image
		SES	AES
Baboon	7.1079	7.9019	7.9020
Lena	7.7300	7.9902	7.9906
Pepper	7.1249	7.9946	7.9934
Minaret	7.5235	7.9998	7.9987
Sea	7.7586	7.9886	7.9799
Ship	7.8679	7.9989	7.9701
Average	7.7200	7.9790	7.9720

indicates that the SES algorithm produced a promising level of randomness in the encrypted images compared to the AES algorithm.

Entropy analysis confirms the randomness of SES-encrypted images, with entropy values approaching the ideal of 8 for 256-bit data.

4.8. NPCR and UACI Metrics

Attackers use differential attacks to analyze the sensitivity of an encryption algorithm to a small change in the source image. The efficiency of the encryption algorithm lies in its ability to generate a completely different encrypted image when a single pixel in a source image is changed. The NPCR and UACI are used to evaluate this property and are calculated using Equations (14) and (15), respectively [42].

$$D(i,j)=\left\{\begin{array}{c}1, C_1\left(i,j\right)\ne C_2\left(i,j\right)\\ 0, C_1\left(i,j\right)=C_2\left(i,j\right)\end{array}\right.$$

(13)

$$NPCR={\displaystyle \frac{{\sum }_{i=1}^{Width}{\sum }_{j=1}^{Height}D(i,j)}{Width\times Height}}\times 100\%$$

(14)

$$UACI={\displaystyle \frac{{\sum }_{i=1}^{Width}{\sum }_{j=1}^{Height}\left|C_1\left(i,j\right)-C_2\left(i,j\right)\right|}{Width\times Height\times 255}}\times 100\%$$

(15)

where $C_1$ and $C_2$ represent the encrypted images before and after a single pixel change in a source image, $Width\times Height$ represents the image size.

Table 7. NPCR and UACI values between the two encrypted images $C_1$ and $C_2$.

Image	NPCR		UACI
	SES	AES	SES	AES
Baboon	99.66	99.61	33.90	33.45
Lena	99.79	99.63	33.99	33.43
Pepper	99.96	99.61	33.59	33.46
Minaret	99.79	99.63	35.40	33.50
Sea	99.81	99.62	34.82	33.44
Ship	99.87	99.60	35.65	33.46
Average	99.81	99.62	34.56	33.46

shows the calculated NPCR and UACI between the two encrypted images $C_1$ and $C_2$.

Using NPCR and UACI metrics proves the robustness of SES against differential attacks, surpassing AES in resistance metrics.

4.9. S-Box Properties

The security of an S-box is critical in cryptographic algorithms, especially in resisting various forms of attacks. This section explores some of the key characteristics that contribute to its strength. Section 4.9.1 looks at the random distribution of bytes, ensuring that the S-box is uniform and does not contain any patterns that an attacker could exploit. Section 4.9.2: Resistance of the S-box to differential cryptanalysis, which is measured by the Differential Distribution Table (DDT), to evaluate how input variations cause output variations in the S-box. Section 4.9.3: On linear cryptanalysis, a check is performed on the Linear Approximation Table (LAT) to determine the resistance of the S-box to all possible linear approximations of its transformation. Actually, all these properties determine the effectiveness of the S-box in providing strong encryption.

4.9.1. Random Distribution of Bytes

A method of constructing S-boxes with a random, high-entropic distribution of byte values that can be used in implementing cryptography. Unlike the usual AES S-box generation based on algebraic transformations over a finite field, our approach generates S-boxes through dynamic nonlinear processes with maximized Shannon entropy while still retaining other important features such as nonlinearity and differential uniformity. The obtained S-box is checked based on standard cryptographic requirements of nonlinearity measures and differential/linear approximation probabilities. Additionally, randomness tests also verify that our S-box shows better results than any other proposed diffusion characteristics, as indicated by NIST entropy assessments. While using this methodology, we ensure our randomly generated S-box is competitive to the existing AES S-box for security while being resistant against such cryptanalytic attacks based on differential and linear attacks.

The following algorithm steps summarize the process of generating the SBox:

• Initialize Value List: Create a list of 256 unique values from 00 to FF.
• Shuffle the Value List: Use a pseudo-random number generator (PRNG) seeded with SeedV to shuffle the list using the Fisher–Yates shuffle.
• Fill the S-Box Matrix: Map the shuffled 1D list into a 16 × 16 matrix SBox[i][j], filling rows left to right, top to bottom.
• Output the S-Box: The resulting SBox[16][16] matrix is used as the substitution table for SES encryption.

Figure 11 shows three different random distributions of bytes, with their entropy values, for two different S-Boxes used in SES.

4.9.2. Differential Cryptanalysis of S-Box

Differential cryptanalysis relies on the propagation of differences in plaintext pairs through the encryption process to predict key-related information. The computational complexity depends mainly on two factors: the differential probability of the S-boxes and the number of required pairs of plaintexts.

A secure S-box has a low maximum differential probability in its Differential Distribution Table (DDT) that includes a large number of plaintext pairs for an attacker in a differential attack. The entry DDT[a, b] at row a and column b for an S-Box $S:F_2^n\to F_2^n$ is computed by Equation (16).

$$DDT\left[a,b\right]=\left|\left\{x\in F_2^n|S\left(x\right)\oplus S\left(x\oplus a\right)=b\right\}\right|$$

(16)

According to Equation (17), N is the number of required plaintext pairs for differential cryptanalysis, where p is the highest differential probability in DDT.

$$N\approx 1/p^2$$

(17)

The calculated highest differential probability for the S-Box used in SES was p = 0.01951 and N = 2627, while the differential probability of AES was p = 0.0156, requiring around N = 4096 plaintext pairs. Although the N value of SES is lower than that of AES, N = 2627 is large enough to make SES resistant to differential attacks. Based on the calculated value of N, future work will consider improving the S-Box of the SES or even using the S-Box of the AES itself.

4.9.3. Linear Cryptanalysis of S-Box

Linear cryptanalysis relies on the statistical dependencies between plaintext, ciphertext, and key bits to determine linear approximations. The computational complexity depends on the probability of a linear approximation.

The Linear Approximation Table (LAT) provides insights into the linear properties of the S-box, which helps determine its resistance against linear cryptanalysis. The highest absolute value in the LAT corresponds to the most efficient linear approximation of the S-box. The bias of the linear probability P is calculated using Equation (18).

$$P={\displaystyle \frac{max\left(\left|LAT\left[\alpha ,\beta \right]\right|\right)}{256}}$$

(18)

Each entry of the LAT is calculated using Equation (19).

$$LAT\left[\alpha ,\beta \right]={\sum }_{x=0}^{255}{\left(-1\right)}^{(x.\alpha )\oplus (S\left(x\right).\beta )}$$

(19)

The maximum absolute entry in the Linear Approximation Table (LAT) for the S-box of SES is 18, giving a probability bias p ≈ 0.0703. Meanwhile, the S-box of AES has a maximum bias of 16, giving a probability bias p = 0.0625. Although the p value of SES is larger than that of AES, p ≈ 0.0703 is low enough to make SES resistant to linear cryptanalysis. Based on the calculated value of p, future work will consider improving the S-Box of the SES or even using the S-Box of the AES itself.

4.10. Performance Discussion and Limitations

The AES implementation used in this study is a managed C# software version 2022 without hardware acceleration. Modern processors support AES-NI, a dedicated instruction set that significantly accelerates AES operations and enables throughput levels far exceeding those of software-only implementations. Therefore, the performance comparison in this paper reflects differences in algorithmic structure rather than real-world execution speed. In practical deployments, AES-NI–based AES would be substantially faster than both SES and the software AES baseline used here.

Furthermore, SES introduces computational overhead through the generation of key-dependent S-boxes and the chained construction of key blocks. These operations are performed once per encryption session but influence the overall performance, especially for short messages. Although SES demonstrates competitive processing times in a pure software context, we acknowledge that a fully optimized implementation of SES, similar to a hardware-accelerated AES. The objective of the current paper is to evaluate SES’s feasibility and behavior, not to claim superior performance against optimized industrial ciphers.

5. Security Analysis

5.1. Differential Cryptanalysis

Differential cryptanalysis explores the evolution of input differences across multiple rounds. In SES, the key-dependent S-box, XOR-based key mixing, and conditional nibble permutation jointly contribute to the nonlinear propagation of differences. The per-key S-box ensures that differential distribution tables are key-specific and cannot be precomputed or reused across sessions. Furthermore, the conditional swap introduces key-dependent positional changes that prevent the formation of a structured differential pattern. These properties collectively increase the difficulty of identifying high-probability differential characteristics. Although a full automated trail search is not included here, the round structure does not exhibit any obvious differential weaknesses.

5.2. Linear Cryptanalysis

Linear cryptanalysis attempts to derive linear approximations with statistically significant bias. The dynamic S-box employed by SES prevents attackers from exploiting a fixed substitution layer; therefore, no single linear approximation is valid across different keys. The combined effect of nonlinear substitution, XOR mixing, and conditional position permutation produces several nonlinear components that must be approximated simultaneously, increasing the difficulty of linear attack. As in similar key-dependent S-box constructions, the absence of a globally shared S-box inhibits the derivation of reusable linear masks, thereby complicating linear attacks on the cipher.

5.3. Related-Key Considerations

SES derives each key block through a chained process in which key-dependent substitution and XOR operations are iteratively applied. This approach amplifies small differences in the master key and results in rapidly diverging key-block sequences. Key-dependent S-box generation further ties all-round operations to the master key, limiting an adversary’s ability to mount related-key attacks by exploiting structural relationships across keys. However, the design of SES follows standard principles used in resisting related-key techniques.

5.4. Algebraic Attacks

Algebraic cryptanalysis seeks compact systems of polynomial equations representing multiple rounds of the cipher. SES integrates several components that complicate algebraic modeling, notably the per-key nonlinear S-box and the conditional permutation applied to nibbles. These features prevent the construction of round-invariant algebraic expressions and hinder attempts to generalize algebraic relations across different keys. As with most key-dependent primitives, the dynamic nature of the substitution layer significantly increases the complexity of algebraic attacks.

5.5. Summary of Security Assessment

Overall, SES demonstrates good resistance indicators due to its key-dependent nonlinear components, rapid diffusion, and non-repeating round structure. Although the present analysis outlines SES’s behavior against well-known attack strategies, we explicitly acknowledge that a full formal cryptanalytic evaluation—including automated trail searches and algebraic modeling, should be conducted in future work.

6. Conclusions

The proposed SES algorithm has been proven to outperform the standard AES in terms of encryption efficiency, key size, and security parameters. The supported key size in bits ranged from 128 bits to 524,288 bits for SES, when compared to the maximum 256 bits for AES, which enhances resistance to brute-force attacks. On average, SES performed 35.3% faster in encryption execution time and reduced computational overhead. In addition, SES outperformed AES in the key cryptographic metrics: NMAE of 76.037%, PSNR of 6.915 db, NPCR of 99.81%, and UACI of 34.56%, showing high diffusion and confusion properties. The entropy values for the images encrypted with SES were consistently close to 7.99, demonstrating high randomness and robustness against statistical attacks.

Despite the encouraging results, SES has some limitations that require further research. Most of the research was performed with image encryption, and further validation is required in text, audio, and other formats to ensure its wider applicability. The pseudo-randomly generated S-Box, though effective in enhancing security, showed a slightly higher linear approximation bias (0.0703) than AES (0.0625), which may indicate vulnerability to linear cryptanalysis. While SES improves efficiency, its larger key sizes may introduce challenges in key management and storage, especially in resource-constrained environments. Finally, the resistance of the algorithm to side-channel attacks has not been tested, and further cryptanalysis and hardware-based evaluations are needed.

Future research will be directed at refining SES to overcome its identified limitations and further improve its security and performance. These techniques have to be analyzed with alternative methods of generating S-Boxes, having reduced differential and linear approximation biases, which can yield better resistance to different kinds of cryptanalysis attacks. In future testing of the SES with other types of data, real systems should be studied. To increase efficiency, hardware implementations like Field-Programmable Gate Array (FPGA) or Application-Specific Integrated Circuit (ASIC) can also be designed to increase its effectiveness for applications using high-speed encryption. Finally, countermeasure integration to counter side-channel attacks will ensure robustness on the part of SES against physical attack vectors.

7. Declarations

• The authors have no financial interest or claim to any aspect of this research paper.
• The authors of this research paper have been directly involved in the design, execution, or analysis of this study.
• The authors of this manuscript have read and approved the final draft that was submitted.
• Material contained in this manuscript has not been previously copyrighted or published.
• The material in this manuscript is not currently being considered for publication elsewhere.
• The material in this manuscript will not be copyrighted, submitted, or published in any other venue while its acceptance by the Journal is under consideration.
• There are no related documents or abstracts, whether published or not, which are authored by the writer of this paper.