Lightweight Multiplication in GF(2^n) with Applications to MDS Matrices

In this paper we consider the fundamental question of optimizing finite field multiplications with one fixed element. Surprisingly, this question did not receive much attention previously. We investigate which field representation, that is, which choice of basis, allows for an optimal implementation. Here, the efficiency of the multiplication is measured in terms of the number of XOR operations needed to implement the multiplication. While our results are potentially of larger interest, we focus on a particular application in the second part of our paper. Here we construct new MDS matrices which outperform or are on par with all previous results when focusing on a round-based hardware implementation.
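As an added illustration of the XOR-count metric in the abstract (example code written for this page, not from the paper), the following builds the binary matrix of multiplication by a fixed element of GF(2^n) in the polynomial basis defined by an irreducible modulus, counts the direct XORs, and scans every irreducible degree-n modulus to find the cheapest such basis for that element. Multiplying by 3 in GF(2^8) costs 11 XORs under the AES modulus 0x11b but 9 under x^8+x^7+x^6+x+1 (0x1c3); the direct-count metric and the restriction to polynomial bases are this example's simplifications, not the paper's definitions.

```python
# Added example (not from the paper): direct XOR count of multiplying by a fixed
# element of GF(2^n) in a polynomial basis, and how it varies with the modulus.
from typing import Dict, List, Tuple

def gf_mul(a: int, b: int, modulus: int, n: int) -> int:
    """a * b in GF(2)[x]/(modulus), elements as n-bit ints, modulus of degree n."""
    result = 0
    for _ in range(n):
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if (a >> n) & 1:          # reduce as soon as degree n is reached
            a ^= modulus
    return result

def mul_matrix(elem: int, modulus: int, n: int) -> List[int]:
    """Rows of the n x n binary matrix of y = elem * x; bit j of row i is set
    iff output bit i depends on input bit j (column j = image of x^j)."""
    rows = [0] * n
    for j in range(n):
        col = gf_mul(elem, 1 << j, modulus, n)
        for i in range(n):
            if (col >> i) & 1:
                rows[i] |= 1 << j
    return rows

def xor_count(elem: int, modulus: int, n: int) -> int:
    """Direct XOR count: an output bit summing k inputs costs k - 1 XOR gates."""
    return sum(bin(r).count("1") - 1 for r in mul_matrix(elem, modulus, n))

def poly_mod(a: int, m: int) -> int:
    """Remainder of a modulo m, both polynomials over GF(2) as bit strings."""
    dm = m.bit_length() - 1
    while a.bit_length() - 1 >= dm:
        a ^= m << (a.bit_length() - 1 - dm)
    return a

def is_irreducible(f: int, n: int) -> bool:
    """Degree-n f is irreducible iff no polynomial of degree 1..n//2 divides it."""
    return all(poly_mod(f, d) != 0 for d in range(2, 1 << (n // 2 + 1)))

def best_modulus(elem: int, n: int) -> Tuple[int, List[int]]:
    """Smallest direct XOR count for elem over all irreducible degree-n moduli, and which moduli reach it."""
    costs: Dict[int, int] = {f: xor_count(elem, f, n)
                             for f in range(1 << n, 1 << (n + 1)) if is_irreducible(f, n)}
    lo = min(costs.values())
    return lo, sorted(f for f, c in costs.items() if c == lo)
```

The scan is exhaustive over polynomial bases only; the paper's question also covers other bases (e.g. normal bases) and finer cost models than the direct count.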
