# MDS matrix

About: MDS matrix is a research topic. Over the lifetime, 102 publications have been published within this topic receiving 2000 citations.

##### Papers

••

TL;DR: To handle row-column structured outliers in the MDS matrix introduced by NLOS errors, this letter presents a novel robust matrix approximation scheme that uses the $\ell_{2,1}$-norm and applies the alternating direction method of multipliers to solve the resultant nonlinear constrained optimization problem.

Abstract: This letter focuses on time-of-arrival based localization using multidimensional similarity (MDS) analysis under non-line-of-sight (NLOS) propagation. To handle row-column structured outliers in the MDS matrix introduced by NLOS errors, we present a novel robust matrix approximation scheme with the use of $\ell_{2,1}$-norm and apply the alternating direction method of multipliers to solve the resultant nonlinear constrained optimization problem. The proposed method does not require any prior knowledge of NLOS information and can benefit from a comparatively low complexity. Simulation results show that our algorithm is superior to several existing approaches in mild and moderate NLOS environments.

26 citations

••

30 Aug 2005

TL;DR: The authors propose a high-security cryptographic processing apparatus that increases the difficulty of analyzing the key of a common-key-block cipher, and a corresponding method.

Abstract: The invention realizes a high-security cryptographic processing apparatus that increases difficulty in analyzing its key and a method therefor. In Feistel-type common-key-block cryptographic processing that repeatedly executes an SPN-type F-function having the nonlinear conversion section and the linear conversion section over a plurality of rounds, linear conversion processing of an F-function corresponding to each of the plurality of rounds is carried out by linear conversion processing that applies square MDS (Maximum Distance Separable) matrices. The invention uses a setting that arbitrary m column vectors included in inverse matrices of square MDS matrices being set up at least in consecutive even-numbered rounds and in consecutive odd-numbered rounds, respectively, constitute a square MDS matrix. This structure realizes cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved.

25 citations

••

TL;DR: This paper introduces a new type of circulant-like matrices that are involutory by construction, called Type-II circulant-like matrices, constructs efficient MDS matrices suitable for lightweight cryptography for d up to 8, and considers the orthogonal and involutory properties of such matrices.

Abstract: MDS matrices incorporate diffusion layers in block ciphers and hash functions. MDS matrices are in general not sparse and have a large description and thus induce costly implementations both in hardware and software. It is also nontrivial to find MDS matrices which could be used in lightweight cryptography. In the AES MixColumn operation, a circulant MDS matrix is used which is efficient as its elements are of low Hamming weights, but no general constructions and study of MDS matrices from d×d circulant matrices for arbitrary d is available in the literature. In a SAC 2004 paper, Junod et al. constructed a new class of efficient matrices whose submatrices were circulant matrices and they coined the term circulating-like matrices for this new class of matrices. We call these matrices Type-I circulant-like matrices. In this paper we introduce a new type of circulant-like matrices which are involutory by construction and we call them Type-II circulant-like matrices.
We study the MDS properties of d×d circulant, Type-I and Type-II circulant-like matrices and construct new and efficient MDS matrices which are suitable for lightweight cryptography for d up to 8. We also consider orthogonal and involutory properties of such matrices and study the construction of efficient MDS matrices whose inverses are also efficient. We explore some interesting and useful properties of circulant, Type-I and Type-II circulant-like matrices which are prevalent in many parts of mathematics and computer science.

22 citations

••

28 Aug 2019

TL;DR: This paper shows that the xor gate counts reported by Kranz et al. for the linear layers of several block ciphers are not optimal: by suitably including random bits in the instances of the Boyar/Peralta and Paar heuristic algorithms, almost all of the matrices can be implemented with fewer gates than previously reported.

Abstract: At the FSE conference of ToSC 2018, Kranz et al. presented their results on shortest linear programs for the linear layers of several well known block ciphers in literature. Shortest linear programs are essentially the minimum number of 2-input xor gates required to completely describe a linear system of equations. In the above paper the authors showed that the commonly used metrics like d-xor/s-xor count that are used to judge the “lightweightedness” do not represent the minimum number of xor gates required to describe a given MDS matrix. In fact they used heuristic based algorithms of Boyar/Peralta and Paar to find implementations of MDS matrices with even fewer xor gates than was previously known. They proved that the AES mixcolumn matrix can be implemented with as little as 97 xor gates. In this paper we show that the values reported in the above paper are not optimal. By suitably including random bits in the instances of the above algorithms we can achieve implementations of almost all matrices with lesser number of gates than were reported in the above paper. As a result we report an implementation of the AES mixcolumn matrix that uses only 95 xor gates.

22 citations

••

TL;DR: A new algebraic construction method based on MDS codes for 8×8 and 16×16 involutory and non-involutory binary matrices of branch numbers 5 and 8, respectively is presented.

Abstract: Maximum Distance Separable (MDS) and Maximum Distance Binary Linear (MDBL) codes are used as diffusion layers in the design of the well-known block ciphers like the Advanced Encryption Standard, Khazad, Camellia, and ARIA. The reason for the use of these codes in the design of block ciphers is that they provide optimal diffusion effect to meet security of a round function of a block cipher. On the other hand, the constructions of these diffusion layers are various. For example, whereas the Advanced Encryption Standard uses a 4×4 MDS matrix over $GF(2^8)$, ARIA uses a 16×16 involutory binary matrix over $GF(2^8)$. The most important cryptographic property of a diffusion layer is the branch number of that diffusion layer, which represents the diffusion rate and measures security against linear and differential cryptanalysis. Therefore, MDS and Maximum Distance Binary Linear codes, which provide maximum branch number for a diffusion layer, are preferred in the design of block ciphers as diffusion layers. In this paper, we present a new algebraic construction method based on MDS codes for 8×8 and 16×16 involutory and non-involutory binary matrices of branch numbers 5 and 8, respectively. By using this construction method, we also show some examples of these diffusion layers. Copyright © 2012 John Wiley & Sons, Ltd.

18 citations