Author

Mohammad Reza Mirzaee Shamsabad

Bio: Mohammad Reza Mirzaee Shamsabad is an academic researcher from Shahid Beheshti University. The author has contributed to research in topics: Diffusion (business) & MDS matrix. The author has an h-index of 1, co-authored 4 publications receiving 5 citations.

Papers
01 Jan 2019
TL;DR: A class of lightweight 4 × 4 cyclic MDS matrices lighter than the state-of-the-art which reduces the implementation cost (in terms of number of XOR gates required) of linear diffusion layers for hardware-oriented cryptographic primitives.
Abstract: Modern lightweight block ciphers and hash functions apply linear layers for the diffusion purpose. In this paper, we characterize a class of lightweight MDS matrices decomposed into two cyclic matrices. As the main contribution, we present a class of lightweight 4 × 4 cyclic MDS matrices lighter than the state-of-the-art which reduces the implementation cost (in terms of number of XOR gates required) of linear diffusion layers for hardware-oriented cryptographic primitives.

4 citations

Journal ArticleDOI
TL;DR: With the aid of the proposed family of matrices, some well-known diffusion layers including the cyclic AES-like matrices and some recursive MDS diffusion layers could be made dynamic, at little extra cost in software.
Abstract: Maximum distance separable (MDS) matrices play a crucial role in symmetric ciphers as diffusion layers. Dynamic diffusion layers for software applications are less considered up to now. Dynamic (randomised) components could make symmetric ciphers more resistant against statistical and algebraic attacks. In this paper, after some theoretical investigation we present a family of parametric \(n \times n\) binary matrices \(A_\alpha\), \(n = 4t\), such that for \(4t\) many \(\alpha \in \mathbb{F}_2^n\) the matrices \(A_\alpha\), \(A_\alpha^3 \oplus I\) and \(A_\alpha^7 \oplus I\) are non-singular. With the aid of the proposed family of matrices, some well-known diffusion layers including the cyclic AES-like matrices and some recursive MDS diffusion layers could be made dynamic, at little extra cost in software. Then, we provide new families of MDS matrices which could be used as dynamic diffusion layers, using the proposed family of matrices. The implementation cost of every member in the presented families of MDS diffusion layers (except one cyclic family) is equal to its inverse. The proposed diffusion layers have a suitable implementation cost on a variety of modern processors.

1 citation

Journal ArticleDOI
01 Nov 2019
TL;DR: This paper provides new MDS matrices over special types of R-modules, and constructs randomized and/or nonlinear MDS diffusion layers, based upon the presented theoretical results, and discusses the resistance of the presented diffusion layers against various kinds of cryptanalysis.
Abstract: MDS diffusion layers are critical components in the design of symmetric ciphers. In this paper, after introducing some new algebraic structures, we provide new MDS matrices over special types of R-modules. With the help of the proposed methodology, we have more flexibility in designing software-oriented diffusion layers. Most notably, we construct randomized and/or nonlinear MDS diffusion layers, based upon the presented theoretical results, and discuss the resistance of the presented diffusion layers against various kinds of cryptanalysis, compared with classical linear diffusion layers.

1 citation

Journal ArticleDOI
TL;DR: In the current paper, cyclic binary matrices (CBMs for short) are investigated, mathematically, and the product of sparse CBMs is considered to construct efficiently implementable matrices with the desired cryptographic properties.
Abstract: Many modern symmetric ciphers apply MDS or almost MDS matrices as diffusion layers. The performance of a diffusion layer depends on its diffusion property measured by branch number and implementation cost which is usually measured by the number of XORs required. As the implementation cost of MDS matrices of large dimensions is high, some symmetric ciphers use binary matrices as diffusion layers to trade off efficiency versus diffusion property. In the current paper, we investigate cyclic binary matrices (CBMs for short), mathematically. Based upon this theoretical study, we provide efficient matrices with a provable lower bound on branch number and a minimal number of fixed points. We consider the product of sparse CBMs to construct efficiently implementable matrices with the desired cryptographic properties.

Cited by
Book ChapterDOI
16 Aug 2021
TL;DR: In this paper, the authors formalize the notion of alignment and study four primitives that are exponents of different design strategies, and propose a way to analyze the interactions between the linear and the nonlinear layers w.r.t.
Abstract: Designing a block cipher or cryptographic permutation can be approached in many different ways. One such approach, popularized by AES, consists in grouping the bits along the S-box boundaries, e.g., in bytes, and in consistently processing them in these groups. This aligned approach leads to hierarchical structures like superboxes that make it possible to reason about the differential and linear propagation properties using combinatorial arguments. In contrast, an unaligned approach avoids any such grouping in the design of transformations. However, without hierarchical structure, sophisticated computer programs are required to investigate the differential and linear propagation properties of the primitive. In this paper, we formalize this notion of alignment and study four primitives that are exponents of different design strategies. We propose a way to analyze the interactions between the linear and the nonlinear layers w.r.t. the differential and linear propagation, and we use it to systematically compare the four primitives using non-trivial computer experiments. We show that alignment naturally leads to different forms of clustering, e.g., of active bits in boxes, of two-round trails in activity patterns, and of trails in differentials and linear approximations.

16 citations

Posted Content
TL;DR: In this paper, the authors provide new methods to look for lightweight MDS matrices, and in particular involutory ones, by proving many new properties and equivalence classes for various MDS matrix constructions such as circulant, Hadamard, Cauchy, and Hadamard-Cauchy.
Abstract: In this article, we provide new methods to look for lightweight MDS matrices, and in particular involutory ones. By proving many new properties and equivalence classes for various MDS matrix constructions such as circulant, Hadamard, Cauchy and Hadamard-Cauchy, we exhibit new search algorithms that greatly reduce the search space and make lightweight MDS matrices of rather high dimension possible to find. We also explain why the choice of the irreducible polynomial might have a significant impact on the lightweightness, and contrary to the classical belief, we show that the Hamming weight has no direct impact. Even though we focused our studies on involutory MDS matrices, we also obtained results for non-involutory MDS matrices. Overall, using Hadamard or Hadamard-Cauchy constructions, we provide the (involutory or non-involutory) MDS matrices with the least possible XOR gates for the classical dimensions \(4 \times 4\), \(8 \times 8\), \(16 \times 16\) and \(32 \times 32\) in \(\mathrm {GF}(2^4)\) and \(\mathrm {GF}(2^8)\). Compared to the best known matrices, some of our new candidates save up to 50 % on the amount of XOR gates required for a hardware implementation. Finally, our work indicates that involutory MDS matrices are really interesting building blocks for designers as they can be implemented with almost the same number of XOR gates as non-involutory MDS matrices, the latter being usually non-lightweight when the inverse matrix is required.

9 citations

Posted Content
TL;DR: This article investigates the construction of lightweight MDS matrices over the matrix polynomial residue ring and proposes an algorithm, which not only can construct the lightest MDS matrices, but also is evidently more efficient than previous methods.
Abstract: In this article, we investigate the construction of lightweight MDS matrices over the matrix polynomial residue ring. According to distributions of the minimum polynomial, distributions of XOR count and equivalence classes of MDS matrices, we propose an algorithm, which not only can construct the lightest MDS matrices, but also is evidently more efficient than previous methods. Moreover, we investigate the existence of involutory MDS matrices over the matrix polynomial residue ring. According to quadratic congruence, over the matrix polynomial residue ring, we propose a simplified necessary-and-sufficient condition for deciding whether a Hadamard matrix is involutory. With this method, we propose another efficient and special algorithm to construct lightweight Hadamard involutory MDS matrices. Over the 8 × 8 matrix polynomial residue ring, we construct vast 4 × 4 Hadamard involutory MDS matrices with 20 XORs, which are much lighter than previous results. In addition, we obtain a series of propositions about the parity of XOR count.

2 citations

Journal Article
TL;DR: This work searched the 4 × 4 MDS matrices over GL(4, F2), and found the lightest MDS matrices only have 10 XOR operations, and all these lightest matrices can be classified into 3 classes.
Abstract: MDS matrices are important parts of block ciphers. We searched the 4 × 4 MDS matrices over GL(4, F2), and found the lightest MDS matrices only have 10 XOR operations. Besides, all these lightest MDS matrices can be classified into 3 classes.

2 citations

Journal ArticleDOI
01 Nov 2019
TL;DR: This paper provides new MDS matrices over special types of R-modules, and constructs randomized and/or nonlinear MDS diffusion layers, based upon the presented theoretical results, and discusses the resistance of the presented diffusion layers against various kinds of cryptanalysis.
Abstract: MDS diffusion layers are critical components in the design of symmetric ciphers. In this paper, after introducing some new algebraic structures, we provide new MDS matrices over special types of R-modules. With the help of the proposed methodology, we have more flexibility in designing software-oriented diffusion layers. Most notably, we construct randomized and/or nonlinear MDS diffusion layers, based upon the presented theoretical results, and discuss the resistance of the presented diffusion layers against various kinds of cryptanalysis, compared with classical linear diffusion layers.

1 citation