On the properties of substitution blocks on the base of a modified additive generator and on the base of the block cipher NASH

Here, we present two algorithms for computing substitution blocks (S-boxes) of the size $16\times16$ bits. The first one is based on a modified additive generator, the second – on the lightweight block cipher NASH. For both algorithms, we give the numerical values for some cryptographic properties of S-boxes produced by them, namely for differential probability, for linear probability, for nonlinearity order of coordinate functions and their linear combinations and compare them with the similar values related to S-boxes of some known block ciphers (AES, Kuznechik and others). Also, we show that the running time of these algorithms is 3.5–5 times more than the running time needed to compute the same S-boxes in the table form.