On Lightweight 4x4 MDS Matrices over Binary Field Extensions

Maximum Distance Separable (MDS) matrices are used as the main part of diffusion layers in block ciphers and hash functions. MDS matrices derived from MDS codes have the maximum differential and linear branch number, which provide resistance against some well-known attacks like differential and linear cryptanalysis together with the use of a nonlinear layer (e.g. S-boxes) in a round function of a block cipher. In this paper, we introduce generic methods to generate lightweight $k \times k$ involutory/non-involutory MDS matrices over $\F_{2^m}$ and present the lightest involutory/non-involutory $4 \times 4$ MDS matrices over $\F_{2^4}$ (to the best of our knowledge) by considering XOR count metric, which is defined to estimate hardware implementation cost. Also, the results are obtained by using a global optimization technique, namely Boyar-Peralta algorithm.