Advertisement

Lightweight Recursive MDS Matrices with Generalized Feistel Network

  • Qiuping Li
  • Baofeng WuEmail author
  • Zhuojun Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11049)

Abstract

Maximum distance separable (MDS) matrices are often used to construct optimal linear diffusion layers in many block ciphers. With the development of lightweight cryptography, the recursive MDS matrices play as good candidates. The recursive MDS matrices can be computed as powers of sparse matrices. In this paper, we consider searching recursive MDS matrices from Generalized Feistel Structure (GFN) matrices. The advantage of constructing MDS matrices based on GFN matrices mainly displays two aspects. First, the recursive GFN MDS matrix can be implemented by parallel computation that would reduce the running time. Second, the inverse matrix of recursive GFN MDS matrix is also a recursive GFN MDS matrix and they have the same XOR count. We provide some computational experiments to show we do find some lightweight \(4\times 4\) and \(8\times 8\) recursive GFN MDS matrices over \(\mathbb {F}_{2^{n}}\). Especially, the \(8\times 8\) recursive GFN MDS matrices over \(\mathbb {F}_{2^{8}}\) have lower XOR count than the previous recursive MDS matrices.

Keywords

Lightweight MDS matrix Recursive XOR count Generalized Feistel Network 

References

  1. 1.
    Augot, D., Finiasz, M.: Exhaustive search for small dimension recursive MDS diffusion layers for block ciphers and hash functions. In: Proceedings of 2013 IEEE International Symposium on Information Theory (ISIT), pp. C1551–C1555. IEEE (2013)Google Scholar
  2. 2.
    Albrecht, M.R., Driessen, B., Kavun, E.B., Leander, G., Paar, C., Yalçın, T.: Block ciphers – focus on the linear layer (feat. PRIDE). In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 57–76. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_4CrossRefGoogle Scholar
  3. 3.
    Augot, D., Finiasz, M.: Direct construction of recursive MDS diffusion layers using shortened BCH codes. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 3–17. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46706-0_1CrossRefGoogle Scholar
  4. 4.
    Berger, T.P.: Construction of recursive MDS diffusion layers from gabidulin codes. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 274–285. Springer, Cham (2013).  https://doi.org/10.1007/978-3-319-03515-4_18CrossRefGoogle Scholar
  5. 5.
    Blaum, M., Roth, R.M.: On lowest density MDS codes. IEEE Trans. Inf. Theory 45(1), 46–59 (1999)MathSciNetCrossRefGoogle Scholar
  6. 6.
    Berger, T.P., Minier, M., Thomas, G.: Extended generalized feistel networks using matrix representation. In: Lange, T., Lauter, K., Lisoněk, P. (eds.) SAC 2013. LNCS, vol. 8282, pp. 289–305. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-43414-7_15CrossRefGoogle Scholar
  7. 7.
    Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, Heidelberg (2002).  https://doi.org/10.1007/978-3-662-04722-4CrossRefzbMATHGoogle Scholar
  8. 8.
    Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22792-9_13CrossRefGoogle Scholar
  9. 9.
    Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-23951-9_22CrossRefGoogle Scholar
  10. 10.
    Gupta, K.C., Ray, I.G.: On constructions of MDS matrices from companion matrices for lightweight cryptography. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds.) CD-ARES 2013. LNCS, vol. 8128, pp. 29–43. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40588-4_3CrossRefGoogle Scholar
  11. 11.
    Gupta, K.C., Pandey, S.K., Venkateswarlu, A.: On the direct construction of recursive MDS matrices. Des. Codes Crypt. 82(1), 77–94 (2017)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Jean, J., Peyrin, T., Sim, S.M.: Optimizing implementations of lightweight building blocks. IACR Trans. Symmetric Cryptol. 2017(4), 130–168 (2017)Google Scholar
  13. 13.
    Khoo, K., Peyrin, T., Poschmann, A.Y., Yap, H.: FOAM: searching for hardware-optimal SPN structures and components with a fair comparison. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 433–450. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44709-3_24CrossRefGoogle Scholar
  14. 14.
    Kolay, S., Mukhopadhyay, D.: Lightweight diffusion layer from the kth root of the MDS matrix. IACR Cryptology ePrint Archive 2014, 498 (2014)Google Scholar
  15. 15.
    Kranz, T., Leander, G., Stoffelen, K., Wiemer, F.: Shorter linear straight-line programs for MDS matrices yet another XOR count paper. IACR Trans. Symmetric Cryptol. 2017(4), 188–211 (2017).  https://doi.org/10.13154/tosc.v2017.i4.188-211CrossRefGoogle Scholar
  16. 16.
    Liu, M., Sim, S.M.: Lightweight MDS generalized circulant matrices. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 101–120. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-52993-5_6CrossRefGoogle Scholar
  17. 17.
    Li, Y., Wang, M.: On the construction of lightweight circulant involutory MDS matrices. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 121–139. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-52993-5_7CrossRefGoogle Scholar
  18. 18.
    Li, C., Wang, Q.: Design of lightweight linear diffusion layers from near-MDS matrices. IACR Trans. Symmetric Cryptol. 2017(1), 129–155 (2017)Google Scholar
  19. 19.
    Shannon, C.E.: Communication theory of secrecy systems. Bell Labs Tech. J. 28(4), 656–715 (1949)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Sajadieh, M., Dakhilalian, M., Mala, H., Sepehrdad, P.: Recursive diffusion layers for block ciphers and hash functions. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 385–401. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-34047-5_22CrossRefGoogle Scholar
  21. 21.
    Sim, S.M., Khoo, K., Oggier, F., Peyrin, T.: Lightweight MDS involution matrices. In: Leander, G. (ed.) FSE 2015. LNCS, vol. 9054, pp. 471–493. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48116-5_23CrossRefGoogle Scholar
  22. 22.
    Sarkar, S., Syed, H.: Lightweight diffusion layer: importance of toeplitz matrices. IACR Trans. Symmetric Cryptol. 2016(1), 95–113 (2016)Google Scholar
  23. 23.
    Toh, D., Teo, J., Khoo, K., Sim, S.M.: Lightweight MDS serial-type matrices with minimal fixed XOR count. IACR Cryptology ePrint Archive 2017, 1084 (2017)Google Scholar
  24. 24.
    Wu, S., Wang, M., Wu, W.: Recursive diffusion layers for (lightweight) block ciphers and hash functions. In: Knudsen, L.R., Wu, H. (eds.) SAC 2012. LNCS, vol. 7707, pp. 355–371. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-35999-6_23CrossRefGoogle Scholar
  25. 25.
    Zhao, R., Zhang, R., Li, Y., Wu, B.: On constructions of a sort of MDS block diffusion matrices for block ciphers and hash functions. IACR Cryptology ePrint Archive 2015, 449 (2015)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.University of Chinese Academy of SciencesBeijingChina
  2. 2.State Key Laboratory of Information Security, Institute of Information EngineeringChinese Academy of SciencesBeijingChina
  3. 3.Key Laboratory of Mathematics Mechanization Academy of Mathematics and Systems ScienceChinese Academy of SciencesBeijingChina

Personalised recommendations