Dear editor,Block ciphers are one of the most important building blocks in many cryptosystems. Modern block ciphers are often iterations with several rounds, where each round comprises a (nonlinear) confusion layer and a (linear) diffusion layer. The diffusion layer plays a significant role in block ciphers as well as in other cryptographic primitives such as hash functions. The security of a diffusion layer is measured by its differential branch number and the linear branch number. If the two branch numbers are larger, the diffusion layer is stronger at resisting differential cryptanalysis and linear cryptanalysis. The diffusion layers with the optimal branch numbers are referred to as maximum distance separable (MDS) (refer to [1-3]). Constructing diffusion layers with large branch numbers is a challenge for cryptosystem designers.There are two types of diffusion layer according to the underlying fields, where the first is over extension fields of the finite field GF (2), and the second type comprises block matrices over GF (2). In fact, the former is a special case of the latter. In [4] and [5], the second type of diffusion layer was considered, i.e., block matrices where every block is a polynomial in a certain block L. Unfortunately, these previous studies only presented approaches for determining the forms of external matrices and failed to specify how to determine the internal block L.In this letter, we also focus on the construction of block MDS diffusion layers where the blocks are all polynomials in a given block A. In contrast to previous studies, our approach starts from the internal block A. We propose a new method based on the minimal polynomials of matrices (refer to [6]) to test whether a diffusion layer is MDS. More significantly, we then present a new type of operation on matrices, which leads to an equivalence relation that can exponentially reduce the computational effort required when we search for MDS matrices. Thus, we describe a definite algorithm for finding block MDS diffusion layers. Using this algorithm, we find a large number of MDS diffusion layers with certain parameters. We give the detailed proofs and experimental results in the supplementary file associated with this letter. Methodology.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.