In cryptography, an SBox (Substitutionbox) is a basic component of symmetric key algorithms which performs substitution. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext — Shannon's property of confusion. In many cases, the SBoxes are carefully chosen to resist cryptanalysis.
In general, an SBox takes some number of input bits, m, and transforms them into some number of output bits, n: an m×n SBox can be implemented as a lookup table with 2^{m} words of n bits each. Fixed tables are normally used, as in the Data Encryption Standard (DES), but in some ciphers the tables are generated dynamically from the key; e.g. the Blowfish and the Twofish encryption algorithms. Bruce Schneier describes IDEA's modular multiplication step as a keydependent SBox.
One good example is this 6×4bit SBox from DES (S_{5}):
S_{5}  Middle 4 bits of input  

0000  0001  0010  0011  0100  0101  0110  0111  1000  1001  1010  1011  1100  1101  1110  1111  
Outer bits  00  0010  1100  0100  0001  0111  1010  1011  0110  1000  0101  0011  1111  1101  0000  1110  1001 
01  1110  1011  0010  1100  0100  0111  1101  0001  0101  0000  1111  1010  0011  1001  1000  0110  
10  0100  0010  0001  1011  1010  1101  0111  1000  1111  1001  1100  0101  0110  0011  0000  1110  
11  1011  1000  1100  0111  0001  1110  0010  1101  0110  1111  0000  1001  1010  0100  0101  0011 
Given a 6bit input, the 4bit output is found by selecting the row using the outer two bits (the first and last bits), and the column using the inner four bits. For example, an input "011011" has outer bits "01" and inner bits "1101"; the corresponding output would be "1001".
The 8 SBoxes of DES were the subject of intense study for many years out of a concern that a backdoor — a vulnerability known only to its designers — might have been planted in the cipher. The SBox design criteria were eventually published (Don Coppersmith, 1994) after the public rediscovery of differential cryptanalysis, showing that they had been carefully tuned to increase resistance against this specific attack. Other research had already indicated that even small modifications to an SBox could significantly weaken DES.
There has been a great deal of research into the design of good SBoxes, and much more is understood about their use in block ciphers than when DES was released.
See also[]
References[]
Template:No footnotes
 Template:Cite conference
 Template:Cite journal
 Template:Cite conference
 Template:Cite book
External links[]
 A literature survey on SBox design
 John Savard's "Questions of SBox Design"
 Gargiulo's "SBox Modifications and Their Effect in DESlike Encryption Systems"

ca:CaixesS de:SBox es:SBox fr:SBox it:SBox ja:Sボックス pl:SBox simple:Substitution box