# MDS matrix

About: MDS matrix is a research topic. Over its lifetime, 102 publications have been published on this topic, receiving 2000 citations in total.

##### Papers

07 Dec 2013. TL;DR: This paper presents a generic construction of MDS recursive diffusion layers as previously proposed, but bridges this construction with the theory of Gabidulin codes, which have the property of being not only MDS but also MRD (Maximum Rank Distance).

Abstract: Many recent block ciphers use Maximum Distance Separable (MDS) matrices in their diffusion layer. The main objective of this operation is to spread as much as possible the differences between the outputs of nonlinear S-boxes, so they generally act at nibble or byte level. The MDS matrices are associated with MDS codes of rate 1/2. The most famous example is the MixColumns operation of the AES block cipher.
In this example, the MDS matrix was carefully chosen to obtain compact and efficient implementations in software and hardware. However, this MDS matrix is dedicated to 8-bit words, and is not always adapted to lightweight applications. Recently, several studies have been devoted to the construction of recursive diffusion layers. Such a method allows applying an MDS matrix using an iterative process which looks like a Feistel network with linear functions instead of nonlinear ones.
In this paper, we present a generic construction of MDS recursive diffusion layers as proposed in [1], [7], [10], [12], [15], but bridging this construction with the theory of Gabidulin codes. This construction uses Gabidulin codes, which have the property of being not only MDS but also MRD (Maximum Rank Distance). This fact gives an additional property to diffusion layers which seems interesting for cryptographic applications.

36 citations

29 Aug 2007. TL;DR: In this article, the authors propose a high-security cryptographic processing apparatus that increases the difficulty of analyzing the key of a common-key-block cipher, and a method therefor, to realize cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved.

Abstract: The invention realizes a high-security cryptographic processing apparatus that increases the difficulty of analyzing its key, and a method therefor. In Feistel-type common-key-block cryptographic processing that repeatedly executes an SPN-type F-function having a nonlinear conversion section and a linear conversion section over a plurality of rounds, the linear conversion processing of the F-function corresponding to each of the plurality of rounds is carried out by linear conversion processing that applies square MDS (Maximum Distance Separable) matrices. The invention uses a setting in which arbitrary m column vectors of the inverse matrices of the square MDS matrices set up at least in consecutive even-numbered rounds and in consecutive odd-numbered rounds, respectively, constitute a square MDS matrix. This structure realizes cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved.

34 citations

05 May 2014. TL;DR: This paper studies and constructs efficient d × d circulant MDS matrices for d up to 8, considers their inverses, which are essential for SPN networks, and proves that circulant MDS matrices cannot be involutory.

Abstract: Maximum distance separable (MDS) matrices have applications not only in coding theory but are also of great importance in the design of block ciphers and hash functions. It is highly nontrivial to find MDS matrices which could be used in lightweight cryptography. In this paper we study and construct efficient d × d circulant MDS matrices for d up to 8 and consider their inverses, which are essential for SPN networks. We explore some interesting and useful properties of circulant matrices, which are prevalent in many parts of mathematics and computer science. We prove that a circulant MDS matrix cannot be involutory. We also prove that a 2d × 2d circulant matrix cannot be both orthogonal and MDS.

30 citations

18 Mar 2005. TL;DR: Because the dimension knowledge of the localization problem is utilized to estimate the noise subspace and to mitigate the errors in TOA measurements, the proposed method is superior to the ordinary linear localization method in most of the enhanced quadrants of the area coordinate system.

Abstract: A novel noise-subspace-based method is applied to the minimum localization system using time-of-arrival (TOA) measurements from three base stations (BSs). Since the distance measurement between the mobile station (MS) and a BS bears analogy to the multidimensional similarity (MDS) between their coordinates, we express the MS coordinate as a linear combination of the BSs' coordinates, where the weight vector lies in the noise subspace of the MDS matrix. It is proved that this weight vector is the area coordinate of the MS when the triangle formed by the three BSs serves as the reference frame. Because the dimension knowledge of the localization problem is utilized to estimate the noise subspace and to mitigate the errors in TOA measurements, the proposed method is superior to the ordinary linear localization method in most of the enhanced quadrants of the area coordinate system.

28 citations

TL;DR: The minimum values of the XOR counts of 4 × 4 MDS matrices over $\mathbb{F}_{2^4}$ and $\mathbb{F}_{2^8}$ are reported, and it is proved that Toeplitz matrices cannot be both MDS and involutory.

Abstract: MDS matrices are used as building blocks of diffusion layers in block ciphers, and XOR count is a metric that estimates the hardware implementation cost. In this paper we report the minimum value of the XOR counts of 4 × 4 MDS matrices over $\mathbb{F}_{2^4}$ and $\mathbb{F}_{2^8}$, respectively. We give theoretical constructions of Toeplitz MDS matrices and show that they achieve the minimum XOR count. We also prove that Toeplitz matrices cannot be both MDS and involutory. Further, we give theoretical constructions of 4 × 4 involutory MDS matrices over $\mathbb{F}_{2^4}$ and $\mathbb{F}_{2^8}$ that have the best known XOR counts so far: for $\mathbb{F}_{2^4}$ our construction gives an involutory MDS matrix that actually improves the existing lower bound of XOR count, whereas for $\mathbb{F}_{2^8}$ it meets the known lower bound.

26 citations