具有最小異或數(shù)的最大距離可分矩陣的構(gòu)造

陳少真; 張怡帆; 任炯炯

doi:10.11999/JEIT181113

具有最小異或數(shù)的最大距離可分矩陣的構(gòu)造

doi: 10.11999/JEIT181113

1.
解放軍信息工程大學(xué) ??鄭州 ??450001
2.
數(shù)學(xué)工程與先進計算國家重點實驗室 ??鄭州 ??450001

基金項目: 信息保障技術(shù)重點實驗室開放基金(KJ-17-002)，國家密碼發(fā)展基金(MMJJ20180203)，數(shù)學(xué)工程與先進計算國家重點實驗室開放基金(2018A03)

詳細信息

作者簡介:
陳少真：女，1967年生，教授，研究方向為密碼學(xué)信息安全

張怡帆：女，1993年生，碩士生，研究方向為信息安全

任炯炯：男，1994年生，博士生，研究方向為信息安全

通訊作者:
張怡帆　zhangyifan_fan@163.com

中圖分類號: TP309
計量
- 文章訪問數(shù): 2642
- HTML全文瀏覽量: 1215
- PDF下載量: 90
- 被引次數(shù): 0
出版歷程
- 收稿日期: 2018-12-03
- 修回日期: 2019-05-31
- 網(wǎng)絡(luò)出版日期: 2019-06-12
- 刊出日期: 2019-10-01

Constructions of Maximal Distance Separable Matrices with Minimum XOR-counts

1.
PLA Information Engineering University, Zhengzhou 450001, china
2.
State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, china

Funds: The Foundation of Science and Technology on Information Assurance Laboratory (KJ-17-002), The National Cipher Development Foundation (MMJJ20180203), The State Key Laboratory of Mathematical Engineering and Advanced Computation Open Foundation (2018A03)

摘要

摘要: 隨著物聯(lián)網(wǎng)等普適計算的發(fā)展，傳感器、射頻識別(RFID)標(biāo)簽等被廣泛使用，這些微型設(shè)備的計算能力有限，傳統(tǒng)的密碼算法難以實現(xiàn)，需要硬件效率高的輕量級分組密碼來支撐。最大距離可分(MDS)矩陣擴散性能最好，通常被用于構(gòu)造分組密碼擴散層，異或操作次數(shù)(XORs)是用來衡量擴散層硬件應(yīng)用效率的一個指標(biāo)。該文利用一種能更準(zhǔn)確評估硬件效率的XORs計算方法，結(jié)合一種特殊結(jié)構(gòu)的矩陣—Toeplitz矩陣，構(gòu)造XORs較少效率較高的MDS矩陣。利用Toeplitz矩陣的結(jié)構(gòu)特點，改進矩陣元素的約束條件，降低矩陣搜索的計算復(fù)雜度，在有限域${\mathbb{F}_{{2^8}}}$上得到了已知XORs最少的4×4MDS矩陣和6×6MDS矩陣，同時還得到XORs等于已知最優(yōu)結(jié)果的5×5MDS矩陣。該文構(gòu)造的具有最小XORs的MDS Toeplitz矩陣，對輕量級密碼算法的設(shè)計具有現(xiàn)實意義。
- 分組密碼 /
- 輕量級擴散層 /
- 最大距離可分矩陣 /
- 異或數(shù) /
- Toeplitz矩陣
Abstract: With the development of the internet of things, small-scale communication devices such as wireless sensors and the Radio Frequency IDentification(RFID) tags are widely used, these micro-devices have limited computing power, so that the traditional cryptographic algorithms are difficult to implement on these devices. How to construct a high-efficiency diffusion layer becomes an urgent problem. With the best diffusion property, the Maximal Distance Separable (MDS) matrix is often used to construct the diffusion layer of block ciphers. The number of XOR operations (XORs) is an indicator of the efficiency of hardware applications. Combined with the XORs calculation method which can evaluate hardware efficiency more accurately and a matrix with special structure——Toeplitz matrix, efficient MDS matrices with less XORs can be constructed. Using the structural characteristics of the Toeplitz matrix, the constraints of matrix elements are improved, and the complexity of matrices searching is reduced. The 4×4 MDS matrices and the 6×6 MDS matrices with the least XORs in the finite field ${\mathbb{F}_{{2^8}}}$ are obtained, and the 5×5 MDS matrices with the XORs which are equal to the known optimal results are obtained too. The proposed method of constructing MDS Toeplitz matrices with the least XORs has significance on the design of lightweight cryptographic algorithms.
- Block cipher /
- Lightweight diffusion layers /
- Maximal Distance Separable(MDS) matrices /
- XOR-counts /
- Toeplitz matrices

HTML全文

表 1 本文構(gòu)造結(jié)果與已知結(jié)果對比

矩陣維度	不可約多項式	矩陣實例${\text{M}}$	$C\left( {\text{M}} \right)$	文獻
$4 \times 4$	${x^8} + {x^6} + {x^5} + x + 1$	${\rm{Toep}}\left( {1,1,{x^2},1,{x^{ - 1}},x,{x^2}} \right)$	20	本文
$4 \times 4$	${x^8} + {x^6} + {x^5} + x + 1$	${\rm{Circ}}\left( {1,1,x,{x^{ - 2}}} \right)$	24	文獻[12]
$4 \times 4$	${x^8} + {x^7} + {x^6} + x + 1$	${\rm{Toep}}\left( {1,1,x,{x^{ - 1}},{x^{ - 2}},1,{x^{ - 1}}} \right)$	27	文獻[12]
$4 \times 4$	${x^8} + {x^7} + {x^6} + x + 1$	${\rm{Left - Circ}}\left( {1,1,x,{x^{ - 2}}} \right)$	32	文獻[14]
$4 \times 4$	${x^8} + {x^7} + {x^6} + x + 1$	${\rm{Had}}\left( {1,x,{x^2},{x^{ - 2}}} \right)$	52	文獻[12]
$5 \times 5$	${x^8} + {x^6} + {x^5} + x + 1$	${\rm{Toep}}\left( {1,{x^2},1,{x^{ - 1}},{x^{ - 1}},{x^{ - 1}},{x^{ - 1}},1,{x^2}} \right)$	40	本文
$5 \times 5$	${x^8} + {x^6} + {x^5} + x + 1$	${\rm{Circ}}\left( {1,1,x,{x^{ - 2}},x} \right)$	40	文獻[12]
$5 \times 5$	${x^8} + {x^7} + {x^6} + x + 1$	${\rm{Left - Circ}}\left( {1,1,x,{x^{ - 2}},x} \right)$	55	文獻[14]
$6 \times 6$	${x^8} + {x^6} + {x^5} + x + 1$	${\rm{Toep}}\left( {1,x,x,1,{x^{ - 2}},{x^2},{x^{ - 2}},{x^2},{x^{ - 2}},1,x} \right)$	80	本文
$6 \times 6$	${x^8} + {x^6} + {x^5} + x + 1$	${\rm{Circ}}\left( {1,x,{x^{ - 1}},{x^{ - 2}},1,{x^3}} \right)$	84	文獻[12]
$6 \times 6$	${x^8} + {x^7} + {x^6} + x + 1$	${\rm{Left - Circ}}\left( {1,x,{x^{ - 1}},{x^{ - 2}},1,{x^3}} \right)$	108	文獻[14]

下載: 導(dǎo)出CSV

參考文獻(15)

BIHAM E and SHAMIR A. Differential cryptanalysis of DES-like cryptosystems[J]. Journal of Cryptology, 1991, 4(1): 3–72. doi: 10.1007/BF00630563

MATSUI M. Linear cryptanalysis method for DES cipher[C]. Workshop on the Theory and Application of of Cryptographic Techniques, Lofthus, Norway, 1993: 386–397.

SHIRAI T, SHIBUTANI K, AKISHITA T, et al. The 128-bit blockcipher CLEFIA (extended abstract)[C]. The 14th International Workshop on Fast Software Encryption, Luxembourg, Luxembourg, 2007: 181–195.

BOGDANOV A, KNUDSEN L R, LEANDER G, et al. PRESENT: An ultra-lightweight block cipher[C]. The 9th International Workshop on Cryptographic Hardware and Embedded Systems, Vienna, Austria, 2007: 450–466.

GUO Jian, PEYRIN T, POSCHMANN A, et al. The LED block cipher[C]. The 13th International Workshop on Cryptographic Hardware and Embedded Systems, Nara, Japan, 2011: 326–341.

YANG Gangqiang, ZHU Bo, SUDER V, et al. The SIMECK family of lightweight block ciphers[C]. The 17th International Workshop on Cryptographic Hardware and Embedded Systems, Saint-Malo, France, 2015: 307–329.

SIM S M, KHOO K, OGGIER F, et al. Lightweight MDS involution matrices[C]. The 22nd International Workshop on Fast Software Encryption, Istanbul, Turkey, 2015: 471–493.

LIU Meicheng and SIM S M. Lightweight MDS generalized circulant matrices[C]. The 23rd International Conference on Fast Software Encryption, Bochum, Germany, 2016: 101–120.

LI Yongqiang and WANG Mingsheng. On the construction of lightweight circulant involutory MDS matrices[C]. The 23rd International Conference on Fast Software Encryption, Bochum, Germany, 2016: 121–139.

SARKAR S and SYED H. Lightweight diffusion layer: Importance of Toeplitz matrices[J]. IACR Transactions on Symmetric Cryptology, 2016, 2016(1): 95–113. doi: 10.13154/tosc.v2016.i1.95-113

JEAN J, PEYRIN T, SIM S M, et al. Optimizing implementations of lightweight building blocks[J]. IACR Transactions on Symmetric Cryptology, 2017, 2017(4): 130–168. doi: 10.13154/tosc.v2017.i4.130-168

BEIERLE C, KRANZ T, and LEANDER G. Lightweight multiplication in GF(2ⁿ) with applications to MDS matrices[C]. The 36th Annual International Cryptology Conference, Santa Barbara, USA, 2016: 625–653.

SARKAR S and SYED H. Analysis of Toeplitz MDS matrices[C]. The 22nd Australasian Conference on Information Security and Privacy, Auckland, New Zealand, 2017: 3–18.

KHOO K, PEYRIN T, POSCHMANN A Y, et al. FOAM: Searching for hardware-optimal SPN structures and components with a fair comparison[C]. The 16th International Workshop on Cryptographic Hardware and Embedded Systems, Busan, South Korea, 2014: 433–450.

JUNOD P and VAUDENAY S. Perfect diffusion primitives for block ciphers[C]. The 11th International Workshop on Selected Areas in Cryptography, Waterloo, Canada, 2004: 84–99.

相關(guān)文章

施引文獻

資源附件(0)

訪問統(tǒng)計