On the Direct Construction of MDS and Near-MDS Matrices

TL;DR

This paper introduces new direct construction methods for MDS and Near-MDS matrices, including recursive and nonrecursive approaches, using generalized Vandermonde matrices, enhancing design options for cryptographic diffusion layers.

Contribution

It provides the first direct recursive construction methods for NMDS matrices and new constructions for MDS matrices from generalized Vandermonde matrices.

Findings

Proposed direct constructions of NMDS matrices in recursive and nonrecursive forms.

New methods for constructing involutory MDS and NMDS matrices.

Proofs of folklore results related to NMDS codes.

Abstract

The optimal branch number of MDS matrices makes them a preferred choice for designing diffusion layers in many block ciphers and hash functions. Consequently, various methods have been proposed for designing MDS matrices, including search and direct methods. While exhaustive search is suitable for small order MDS matrices, direct constructions are preferred for larger orders due to the vast search space involved. In the literature, there has been extensive research on the direct construction of MDS matrices using both recursive and nonrecursive methods. On the other hand, in lightweight cryptography, Near-MDS (NMDS) matrices with sub-optimal branch numbers offer a better balance between security and efficiency as a diffusion layer compared to MDS matrices. However, no direct construction method is available in the literature for constructing recursive NMDS matrices. This paper introduces some direct constructions of NMDS matrices in both nonrecursive and recursive settings. Additionally, it presents some direct constructions of nonrecursive MDS matrices from the generalized Vandermonde matrices. We propose a method for constructing involutory MDS and NMDS matrices using generalized Vandermonde matrices. Furthermore, we prove some folklore results that are used in the literature related to the NMDS code.