Algebraic construction of cryptographically good binary linear transformations

Abstract

Maximum Distance Separable MDS and Maximum Distance Binary Linear MDBL codes are used as diffusion layers in the design of the well-known block ciphers like the Advanced Encryption Standard, Khazad, Camellia, and ARIA. The reason for the use of these codes in the design of block ciphers is that they provide optimal diffusion effect to meet security of a round function of a block cipher. On the other hand, the constructions of these diffusion layers are various. For example, whereas the Advanced Encryption Standard uses a 4×4 MDS matrix over GF28, ARIA uses a 16×16 involutory binary matrix over GF28. The most important cryptographic property of a diffusion layer is the branch number of that diffusion layer, which represents the diffusion rate and measures security against linear and differential cryptanalysis. Therefore, MDS and Maximum Distance Binary Linear codes, which provide maximum branch number for a diffusion layer, are preferred in the design of block ciphers as diffusion layers. In this paper, we present a new algebraic construction method based on MDS codes for 8×8 and 16×16 involutory and non-involutory binary matrices of branch numbers 5 and 8, respectively. By using this construction method, we also show some examples of these diffusion layers. Copyright © 2012 John Wiley & Sons, Ltd.