An MDS matrix (maximum distance separable) is a matrix representing a function with certain diffusion properties that have useful applications in cryptography. Technically, an matrix over a finite field is an MDS matrix if it is the transformation matrix of a linear transformation from to such that no two different -tuples of the form coincide in or more components. Equivalently, the set of all -tuples is an MDS code, i.e., a linear code that reaches the Singleton bound.
Let be the matrix obtained by joining the identity matrix to . Then a necessary and sufficient condition for a matrix to be MDS is that every possible submatrix obtained by removing rows from is non-singular. This is also equivalent to the following: all the sub-determinants of the matrix are non-zero. Then a binary matrix (namely over the field with two elements) is never MDS unless it has only one row or only one column with all components .
Reed–Solomon codes have the MDS property and are frequently used to obtain the MDS matrices used in cryptographic algorithms.
Serge Vaudenay suggested using MDS matrices in cryptographic primitives to produce what he called multipermutations, not-necessarily linear functions with this same property.[1] These functions have what he called perfect diffusion: changing of the inputs changes at least of the outputs. He showed how to exploit imperfect diffusion to cryptanalyze functions that are not multipermutations.
^Vaudenay, Serge (1995), Preneel, Bart (ed.), "On the need for multipermutations: Cryptanalysis of MD4 and SAFER", Fast Software Encryption, vol. 1008, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 286–297, doi:10.1007/3-540-60590-8_22, ISBN978-3-540-60590-4, retrieved 2023-07-17
Vincent Rijmen; Joan Daemen; Bart Preneel; Antoon Bosselaers; Erik De Win (February 1996). The Cipher SHARK(PDF/PostScript). 3rd International Workshop on Fast Software Encryption (FSE '96). Cambridge: Springer-Verlag. pp. 99–111. Retrieved 2007-03-06.
matrix, maximum, distance, separable, matrix, representing, function, with, certain, diffusion, properties, that, have, useful, applications, cryptography, technically, displaystyle, times, matrix, displaystyle, over, finite, field, displaystyle, transformatio. An MDS matrix maximum distance separable is a matrix representing a function with certain diffusion properties that have useful applications in cryptography Technically an m n displaystyle m times n matrix A displaystyle A over a finite field K displaystyle K is an MDS matrix if it is the transformation matrix of a linear transformation f x A x displaystyle f x Ax from K n displaystyle K n to K m displaystyle K m such that no two different m n displaystyle m n tuples of the form x f x displaystyle x f x coincide in n displaystyle n or more components Equivalently the set of all m n displaystyle m n tuples x f x displaystyle x f x is an MDS code i e a linear code that reaches the Singleton bound Let A I n A displaystyle tilde A begin pmatrix mathrm I n hline mathrm A end pmatrix be the matrix obtained by joining the identity matrix I n displaystyle mathrm I n to A displaystyle A Then a necessary and sufficient condition for a matrix A displaystyle A to be MDS is that every possible n n displaystyle n times n submatrix obtained by removing m displaystyle m rows from A displaystyle tilde A is non singular This is also equivalent to the following all the sub determinants of the matrix A displaystyle A are non zero Then a binary matrix A displaystyle A namely over the field with two elements is never MDS unless it has only one row or only one column with all components 1 displaystyle 1 Reed Solomon codes have the MDS property and are frequently used to obtain the MDS matrices used in cryptographic algorithms Serge Vaudenay suggested using MDS matrices in cryptographic primitives to produce what he called multipermutations not necessarily linear functions with this same property 1 These functions have what he called perfect diffusion changing t displaystyle t of the inputs changes at least m t 1 displaystyle m t 1 of the outputs He showed how to exploit imperfect diffusion to cryptanalyze functions that are not multipermutations MDS matrices are used for diffusion in such block ciphers as AES SHARK Square Twofish Anubis KHAZAD Manta Hierocrypt Kalyna Camellia and HADESMiMC and in the stream cipher MUGI and the cryptographic hash function Whirlpool Poseidon References edit Vaudenay Serge 1995 Preneel Bart ed On the need for multipermutations Cryptanalysis of MD4 and SAFER Fast Software Encryption vol 1008 Berlin Heidelberg Springer Berlin Heidelberg pp 286 297 doi 10 1007 3 540 60590 8 22 ISBN 978 3 540 60590 4 retrieved 2023 07 17 Vincent Rijmen Joan Daemen Bart Preneel Antoon Bosselaers Erik De Win February 1996 The Cipher SHARK PDF PostScript 3rd International Workshop on Fast Software Encryption FSE 96 Cambridge Springer Verlag pp 99 111 Retrieved 2007 03 06 Bruce Schneier John Kelsey Doug Whiting David Wagner Chris Hall Niels Ferguson June 15 1998 The Twofish Encryption Algorithm PDF PostScript Retrieved 2007 03 04 nbsp This cryptography related article is a stub You can help Wikipedia by expanding it vte Retrieved from https en wikipedia org w index php title MDS matrix amp oldid 1186206753, wikipedia, wiki, book, books, library,
