Paper 2017/1084

Lightweight MDS Serial-type Matrices with Minimal Fixed XOR Count (Full version)

Dylan Toh, Jacob Teo, Khoongming Khoo, and Siang Meng Sim

Abstract

Many block ciphers and hash functions require the diffusion property of Maximum Distance Separable (MDS) matrices. Serial matrices with the MDS property obtain a trade-off between area requirement and clock cycle performance to meet the needs of lightweight cryptography. In this paper, we propose a new class of serial-type matrices called Diagonal-Serial Invertible (DSI) matrices with the sparse property. These matrices have a fixed XOR count (contributed by the connecting XORs) which is half that of existing matrices. We prove that for matrices of order 4, our construction gives the matrix with the lowest possible fixed XOR cost. We also introduce the Reversible Implementation (RI) property, which allows the inverse matrix to be implemented using similar hardware resources to those of the forward matrix, even when the two matrices have different finite field entries. This allows us to search for serial-type matrices which are lightweight in both directions by focusing only on the forward direction. We obtain MDS matrices which outperform existing lightweight (involutory) matrices.
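As an added illustration (not code from the paper), the following Python checks the two properties the abstract talks about for a serial-type matrix: whether a serial matrix raised to a power is MDS (every square submatrix nonsingular), and what its XOR cost is, split into the fixed connecting XORs and the per-entry multiplication XORs. It assumes the 4x4 serial matrix of the LED cipher over GF(2^4) with polynomial x^4 + x + 1 and the plain XOR-count metric (number of XOR gates in the constant-multiplication matrix); neither choice is taken from this paper.

```python
from functools import reduce
from itertools import combinations
from operator import xor

POLY, K = 0b10011, 4  # GF(2^4) with x^4 + x + 1 (assumption: the PHOTON/LED field)

def gf_mul(a, b):
    """Multiply two GF(2^4) elements modulo x^4 + x + 1."""
    r = 0
    for _ in range(K):
        r ^= a if b & 1 else 0
        b >>= 1
        a = (a << 1) ^ (POLY if a & (1 << (K - 1)) else 0)
    return r

def xor_count(a):
    """XORs to multiply by the constant a: per output bit, one fewer than the
    number of input bits it depends on (e.g. 0 for a = 1, 1 for a = 2)."""
    cols = [gf_mul(a, 1 << i) for i in range(K)]  # images of the basis vectors
    return sum(max(0, sum((c >> j) & 1 for c in cols) - 1) for j in range(K))

def serial(last_row):
    """Serial matrix: shifted identity on top, the given row at the bottom."""
    d = len(last_row)
    return [[int(j == i + 1) for j in range(d)] for i in range(d - 1)] + [list(last_row)]

def mat_mul(x, y):
    d = len(x)
    return [[reduce(xor, (gf_mul(x[i][t], y[t][j]) for t in range(d)), 0)
             for j in range(d)] for i in range(d)]

def det(m):
    """Determinant over GF(2^4) by Laplace expansion (no signs in char 2)."""
    if len(m) == 1:
        return m[0][0]
    return reduce(xor, (gf_mul(m[0][j], det([r[:j] + r[j + 1:] for r in m[1:]]))
                        for j in range(len(m))), 0)

def is_mds(m):
    """MDS iff every square submatrix (of every order) is nonsingular."""
    return all(det([[m[i][j] for j in c] for i in r]) != 0
               for s in range(1, len(m) + 1)
               for r in combinations(range(len(m)), s)
               for c in combinations(range(len(m)), s))

def serial_xor_cost(last_row):
    """(total, fixed) XOR count of one serial step: entry multiplications plus
    the (d-1)*K connecting XORs that sum the d products into one word."""
    fixed = (len(last_row) - 1) * K
    return sum(xor_count(z) for z in last_row) + fixed, fixed

A = serial([4, 1, 2, 2])       # LED's serial matrix (assumption); A^4 is its MixColumns
M = reduce(mat_mul, [A] * 4)   # four clock cycles of the serial matrix
print(M, is_mds(M), serial_xor_cost([4, 1, 2, 2]))
```

The fixed part (12 XORs here) is the quantity the abstract's DSI construction halves, independently of which field elements sit in the row.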

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Minor revision. AFRICACRYPT 2018
Keywords
MDS matrix, Serial matrix, lightweight cryptography, XOR count
Contact author(s)
ssim011 @ e ntu edu sg
History
2018-02-27: revised
2017-11-10: received
Short URL
https://ia.cr/2017/1084
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/1084,
      author = {Dylan Toh and Jacob Teo and Khoongming Khoo and Siang Meng Sim},
      title = {Lightweight MDS Serial-type Matrices with Minimal Fixed XOR Count (Full version)},
      howpublished = {Cryptology ePrint Archive, Paper 2017/1084},
      year = {2017},
      note = {\url{https://eprint.iacr.org/2017/1084}},
      url = {https://eprint.iacr.org/2017/1084}
}