On Constructions of MDS Matrices From Circulant-Like Matrices For Lightweight Cryptography

Maximum distance separable (MDS) matrices have applications not only in coding theory but are also of great importance in the design of block ciphers and hash functions. It is highly nontrivial to find MDS matrices which could be used in lightweight cryptography. In a SAC 2004 paper, Junod et. al. constructed a new class of efficient MDS matrices whose submatrices were circulant matrices and they coined the term circulating-like matrices for these new class of matrices which we rename as circulant-like matrices. In this paper we study this construction and propose efficient 4 × 4 and 8 × 8 circulant-like MDS matrices. We prove that such d × d circulant-like MDS matrices can not be involutory or orthogonal which are good for designing SPN networks. Although these matrices are efficient, but the inverse of such matrices are not guaranteed to be efficient. Towards this we design a new type of circulantlike MDS matrices which are by construction involutory. Our construction is based on the scheme which was initially proposed in SAC 1997 by Youssef et. al. where they considered the construction of 2d× 2d involutory MDS matrices starting from some d× d submatrix which is an MDS matrix. In our construction we take the d× d submatrix as circulant MDS matrices. We prove the nonexistence of such 2d×2d involutory MDS matrices whenever d is even. Using this construction and taking d = 3, we construct 6 × 6 involutory MDS matrices which are suitable for SPN networks.