Direct construction of recursive MDS diffusion layers using shortened BCH codes

Daniel Augot; Matthieu Finiasz

doi:10.1007/978-3-662-46706-0_1

Direct construction of recursive MDS diffusion layers using shortened BCH codes

Daniel Augot
, Matthieu Finiasz

CryptoExperts SAS

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

MDS matrices allow to build optimal linear diffusion layers in block ciphers. However, MDS matrices cannot be sparse and usually have a large description, inducing costly software/hardware implementations. Recursive MDS matrices allow to solve this problem by focusing on MDS matrices that can be computed as a power of a simple companion matrix, thus having a compact description suitable even for constrained environments. However, up to now, finding recursive MDS matrices required to perform an exhaustive search on families of companion matrices, thus limiting the size of MDS matrices one could look for. In this article we propose a new direct construction based on shortened BCH codes, allowing to efficiently construct such matrices for whatever parameters. Unfortunately, not all recursive MDS matrices can be obtained from BCH codes, and our algorithm is not always guaranteed to find the best matrices for a given set of parameters.

Original language	English
Title of host publication	Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers
Editors	Carlos Cid, Christian Rechberger
Publisher	Springer Verlag
Pages	3-17
Number of pages	15
ISBN (Print)	9783662467053
DOIs	https://doi.org/10.1007/978-3-662-46706-0_1
Publication status	Published - 1 Jan 2015
Event	21st International Workshop on Fast Software Encryption, FSE 2014 - London, United Kingdom Duration: 3 Mar 2014 → 5 Mar 2014

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	8540
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	21st International Workshop on Fast Software Encryption, FSE 2014
Country/Territory	United Kingdom
City	London
Period	3/03/14 → 5/03/14

Keywords

BCH codes
Linear diffusion
Recursive MDS matrices

Access to Document

10.1007/978-3-662-46706-0_1

Cite this

Augot, D., & Finiasz, M. (2015). Direct construction of recursive MDS diffusion layers using shortened BCH codes. In C. Cid, & C. Rechberger (Eds.), Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers (pp. 3-17). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8540). Springer Verlag. https://doi.org/10.1007/978-3-662-46706-0_1

Augot, Daniel ; Finiasz, Matthieu. / Direct construction of recursive MDS diffusion layers using shortened BCH codes. Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers. editor / Carlos Cid ; Christian Rechberger. Springer Verlag, 2015. pp. 3-17 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{5d2f447f95f8409da0afc2a9a20a99c6,

title = "Direct construction of recursive MDS diffusion layers using shortened BCH codes",

abstract = "MDS matrices allow to build optimal linear diffusion layers in block ciphers. However, MDS matrices cannot be sparse and usually have a large description, inducing costly software/hardware implementations. Recursive MDS matrices allow to solve this problem by focusing on MDS matrices that can be computed as a power of a simple companion matrix, thus having a compact description suitable even for constrained environments. However, up to now, finding recursive MDS matrices required to perform an exhaustive search on families of companion matrices, thus limiting the size of MDS matrices one could look for. In this article we propose a new direct construction based on shortened BCH codes, allowing to efficiently construct such matrices for whatever parameters. Unfortunately, not all recursive MDS matrices can be obtained from BCH codes, and our algorithm is not always guaranteed to find the best matrices for a given set of parameters.",

keywords = "BCH codes, Linear diffusion, Recursive MDS matrices",

author = "Daniel Augot and Matthieu Finiasz",

note = "Publisher Copyright: {\textcopyright} International Association for Cryptologic Research 2015.; 21st International Workshop on Fast Software Encryption, FSE 2014 ; Conference date: 03-03-2014 Through 05-03-2014",

year = "2015",

month = jan,

day = "1",

doi = "10.1007/978-3-662-46706-0\_1",

language = "English",

isbn = "9783662467053",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "3--17",

editor = "Carlos Cid and Christian Rechberger",

booktitle = "Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers",

}

Augot, D & Finiasz, M 2015, Direct construction of recursive MDS diffusion layers using shortened BCH codes. in C Cid & C Rechberger (eds), Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 8540, Springer Verlag, pp. 3-17, 21st International Workshop on Fast Software Encryption, FSE 2014, London, United Kingdom, 3/03/14. https://doi.org/10.1007/978-3-662-46706-0_1

Direct construction of recursive MDS diffusion layers using shortened BCH codes. / Augot, Daniel; Finiasz, Matthieu.
Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers. ed. / Carlos Cid; Christian Rechberger. Springer Verlag, 2015. p. 3-17 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8540).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Direct construction of recursive MDS diffusion layers using shortened BCH codes

AU - Augot, Daniel

AU - Finiasz, Matthieu

N1 - Publisher Copyright: © International Association for Cryptologic Research 2015.

PY - 2015/1/1

Y1 - 2015/1/1

N2 - MDS matrices allow to build optimal linear diffusion layers in block ciphers. However, MDS matrices cannot be sparse and usually have a large description, inducing costly software/hardware implementations. Recursive MDS matrices allow to solve this problem by focusing on MDS matrices that can be computed as a power of a simple companion matrix, thus having a compact description suitable even for constrained environments. However, up to now, finding recursive MDS matrices required to perform an exhaustive search on families of companion matrices, thus limiting the size of MDS matrices one could look for. In this article we propose a new direct construction based on shortened BCH codes, allowing to efficiently construct such matrices for whatever parameters. Unfortunately, not all recursive MDS matrices can be obtained from BCH codes, and our algorithm is not always guaranteed to find the best matrices for a given set of parameters.

AB - MDS matrices allow to build optimal linear diffusion layers in block ciphers. However, MDS matrices cannot be sparse and usually have a large description, inducing costly software/hardware implementations. Recursive MDS matrices allow to solve this problem by focusing on MDS matrices that can be computed as a power of a simple companion matrix, thus having a compact description suitable even for constrained environments. However, up to now, finding recursive MDS matrices required to perform an exhaustive search on families of companion matrices, thus limiting the size of MDS matrices one could look for. In this article we propose a new direct construction based on shortened BCH codes, allowing to efficiently construct such matrices for whatever parameters. Unfortunately, not all recursive MDS matrices can be obtained from BCH codes, and our algorithm is not always guaranteed to find the best matrices for a given set of parameters.

KW - BCH codes

KW - Linear diffusion

KW - Recursive MDS matrices

UR - https://www.scopus.com/pages/publications/84942543850

U2 - 10.1007/978-3-662-46706-0_1

DO - 10.1007/978-3-662-46706-0_1

M3 - Conference contribution

AN - SCOPUS:84942543850

SN - 9783662467053

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 3

EP - 17

BT - Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers

A2 - Cid, Carlos

A2 - Rechberger, Christian

PB - Springer Verlag

T2 - 21st International Workshop on Fast Software Encryption, FSE 2014

Y2 - 3 March 2014 through 5 March 2014

ER -

Augot D, Finiasz M. Direct construction of recursive MDS diffusion layers using shortened BCH codes. In Cid C, Rechberger C, editors, Fast Software Encryption - 21st International Workshop, FSE 2014, Revised Selected Papers. Springer Verlag. 2015. p. 3-17. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-662-46706-0_1

Direct construction of recursive MDS diffusion layers using shortened BCH codes

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this