Construction of Lightweight MDS Matrices from Generalized Feistel Structures

This paper investigates the construction of lightweight MDS matrices with generalized Feistel structures (GFS). The approach consists of deriving MDS matrices from the product of several sparser ones. This can be seen as a generalization, to several matrices, of the recursive construction which derives MDS matrices as the powers of a single companion matrix. The first part of the paper gives some theoretical results on the iteration of GFS and the second part gives concrete instantiations. The results match the best known lightweight 4 × 4 MDS matrix and improve the best known 6 × 6 and 8 × 8 MDS matrices. Based on the GFS structure, we propose some types of sparse matrices that are called EGFS matrices. Then, by applying binary linear functions to several rounds of EGFS matrices, we propose lightweight 4 × 4, 6 × 6 and 8 × 8 MDS matrices which are implemented with 67, 158 and 272 XORs for 8-bit input, respectively. The major contribution of this paper is the design of an 8 × 8 MDS matrix with 272 XORs for 8-bit input, where the best known result is 392 XORs.
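The single-companion-matrix recursive construction that the abstract generalizes can be checked directly. The following is an added example, not code or a matrix from the paper: it assumes the well-known Serial(4,1,2,2) companion matrix of the LED block cipher over GF(2^4) with polynomial x^4 + x + 1, and finds the first power of that sparse matrix for which every square submatrix is nonsingular (the MDS condition). All function names are illustrative.

```python
from itertools import combinations, product
POLY = 0x13  # x^4 + x + 1 (assumed field polynomial, the one LED uses)

def gf_mul(a, b):
    # Shift-and-add multiplication in GF(2^4), reduced modulo POLY.
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
        if a & 0x10:
            a ^= POLY
    return r

def mat_mul(X, Y):
    n = len(X)
    out = [[0] * n for _ in range(n)]
    for i, j, k in product(range(n), repeat=3):
        out[i][j] ^= gf_mul(X[i][k], Y[k][j])
    return out

def det(M):
    # Laplace expansion along row 0; signs vanish in characteristic 2.
    if len(M) == 1:
        return M[0][0]
    d = 0
    for j, c in enumerate(M[0]):
        d ^= gf_mul(c, det([r[:j] + r[j + 1:] for r in M[1:]]))
    return d

def is_mds(M):
    # A square matrix is MDS iff every square submatrix is nonsingular.
    n = len(M)
    return all(det([[M[r][c] for c in cols] for r in rows])
               for k in range(1, n + 1)
               for rows in combinations(range(n), k)
               for cols in combinations(range(n), k))

def first_mds_power(A, limit=8):
    # Return (e, A^e) for the smallest e <= limit such that A^e is MDS.
    P = A
    for e in range(1, limit + 1):
        if is_mds(P):
            return e, P
        P = mat_mul(P, A)
    return None, None

# Constructed input: companion matrix Serial(4,1,2,2), assumed from LED.
A = [[0, 1, 0, 0], [0, 0, 1, 0], [0, 0, 0, 1], [4, 1, 2, 2]]
print(first_mds_power(A))
```

The sparse matrix and its second and third powers still contain zero entries, so only the fourth power passes the check; a product of several different sparse matrices can be tested with the same `is_mds` function.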
