Complexity measures for sequences over finite fields, such as the linear complexity and the k-error linear complexity, play an important role in cryptology. Recent developments in stream ciphers point towards an interest in word-based stream ciphers, which require the study of the complexity of multisequences. We introduce various options for error linear complexity measures for multisequences. For finite multisequences as well as for periodic multisequences with prime period, we present formulas for the number of multisequences with given error linear complexity for several cases, and we present lower bounds for the expected error linear complexity.
MDS matrices are of great importance in the design of block ciphers and hash functions. MDS matrices are in general not sparse and have a large description, and thus induce a costly implementation in software/hardware. To overcome this problem, in particular for applications in lightweight cryptography, Guo et al. proposed the use of recursive MDS matrices. Such matrices can be computed as a power of a companion matrix. Following this, some ad hoc techniques were proposed to find recursive MDS matrices that are suitable for hardware/software implementation. In another direction, coding-theoretic techniques are used to directly construct recursive MDS matrices: Berger's technique uses Gabidulin codes and the technique of Augot et al. uses shortened BCH codes. In this paper, we provide a necessary and sufficient condition for constructing recursive MDS matrices from non-singular diagonalizable companion matrices. We then provide three methods to construct recursive MDS matrices. Moreover, the recursive MDS matrices obtained through our first method are the same as those obtained using shortened BCH codes. The other two methods provide the companion matrices that can be obtained from Gabidulin codes. However, our formulation of the necessary and sufficient condition opens up many more possibilities to explore in order to obtain recursive MDS matrices.
MDS matrices allow one to build optimal linear diffusion layers in the design of block ciphers and hash functions. There has been a lot of study of designing efficient MDS matrices suitable for software and/or hardware implementations. In particular, recursive MDS matrices are considered for resource-constrained environments. Such matrices can be expressed as a power of a simple companion matrix, i.e., an MDS matrix M = C_g^k for some companion matrix C_g corresponding to a monic polynomial g(X) ∈ F_q[X] of degree k. In this paper, we first show that for a monic polynomial g(X) of degree k ≥ 2, the matrix M = C_g^k is MDS if and only if g(X) has no nonzero multiple of degree ≤ 2k−1 and weight ≤ k. This characterization answers, to some extent, the issues raised by Augot et al. in their FSE-2014 paper. We then revisit the algorithm given by Augot et al. to find all recursive MDS matrices that can be obtained from a class of BCH codes (which are also MDS) and propose an improved algorithm. We identify exactly which candidates in this class of BCH codes yield recursive MDS matrices, so the computation can be confined to only those potential candidate polynomials, greatly reducing the complexity. As a consequence we are able to provide formulae for the number of such recursive MDS matrices, whereas in the FSE-2014 paper the same numbers are provided by exhaustively searching for some small parameter choices. We also present

This is one of several papers published in Designs, Codes and Cryptography comprising the "Special Issue on Coding and Cryptography".
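As an added worked example (written for this page, not code from the paper), the characterization above can be checked by brute force in a small constructed field: the functions below build C_g^k over GF(2^4) = F_2[x]/(x^4 + x + 1), test the MDS property by computing every minor, and separately search for a nonzero multiple of g of degree ≤ 2k−1 and weight ≤ k. The field, its modulus, the polynomial encoding and all function names are my own choices; the code handles any k, but the exhaustive multiple search grows as 16^k, so it is only practical for small k.

```python
from itertools import combinations, product
from functools import reduce
MOD = 0b10011  # constructed toy field GF(2^4) = F_2[x]/(x^4 + x + 1); elements are ints 0..15

def gf_mul(a, b):
    """Carry-less multiply, reducing by x^4 + x + 1 whenever bit 4 appears."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
        if a & 16:
            a ^= MOD
    return r

def poly_mul(p, q):  # polynomials over GF(2^4) as coefficient lists, lowest degree first
    r = [0] * (len(p) + len(q) - 1)
    for i, x in enumerate(p):
        for j, y in enumerate(q):
            r[i + j] ^= gf_mul(x, y)
    return r

def companion(g):  # C_g for monic g = g[0] + g[1]X + ... + X^k (char 2: no sign flips)
    k = len(g) - 1
    return [[int(j == i + 1) for j in range(k)] for i in range(k - 1)] + [g[:k]]

def mat_mul(A, B):
    return [[reduce(lambda s, t: s ^ t, map(gf_mul, row, col), 0) for col in zip(*B)] for row in A]

def det(M):  # Laplace expansion along row 0; in characteristic 2 the cofactor signs vanish
    if len(M) == 1:
        return M[0][0]
    return reduce(lambda s, t: s ^ t,
                  (gf_mul(a, det([r[:j] + r[j + 1:] for r in M[1:]])) for j, a in enumerate(M[0])), 0)

def is_mds(M):  # a square matrix is MDS iff every square submatrix (every minor) is non-singular
    n = len(M)
    return all(det([[M[r][c] for c in cols] for r in rows]) for s in range(1, n + 1)
               for rows in combinations(range(n), s) for cols in combinations(range(n), s))

def has_low_weight_multiple(g):
    """Is there a nonzero u*g with deg u <= k-1 (so deg <= 2k-1) and at most k nonzero coefficients?"""
    k = len(g) - 1
    return any(any(u) and sum(1 for c in poly_mul(list(u), g) if c) <= k
               for u in product(range(16), repeat=k))

def recursive_is_mds(g):  # direct test of whether C_g^k is MDS; the paper says: iff no low-weight multiple
    k = len(g) - 1
    return is_mds(reduce(mat_mul, [companion(g)] * k))
```

For k = 2 the two tests agree on all 256 monic quadratics over this field, which is exactly what the characterization predicts; for g = X^2 + xX + (x + 1), encoded as [3, 2, 1], C_g^2 is MDS, while g = X^2 + X + 1 fails because (X + 1)g = X^3 + 1 has weight 2.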
Ayineedi Venkateswarlu