Hafif sıklet kriptografi için involutif mds matris uygulamaları = Involutory mds matrix applications for lightweight cryptography

Abstract

Kaynak kısıtlı cihazlar(akıllı kartlar, radyo frekansı, tanımlama etiketleri(RFD), kablosuz sensör düğümleri ve Nesnelerin İnterneti(IoT)) günlük hayatımızda önemli bir yer edinmektedir. Yani kaynak kasıtlı dediğimiz yüksek oranda en aza indirilmiş güç tüketimi, düşük işlem gücü ihtiyacı, düşük bellek kapasitesi tüketimi ve düşük güç kaynağı kullanımıdır. Bu teknolojiler bize kolaylık sağladığı gibi bazı riskleri de beraberinde getirmiştir. Bu riskleri ortadan kaldırmak için kriptografik algoritmaların hayatımıza girişi kaçınılmaz olmuştur. Oluşabilecek olumsuz durumları en aza indirebilmek için hafif sıklet(lightweight) şifreleme algoritmaları kullanılmaktadır. Hafif sıklet blok şifrelerin yayılım tabakalarında maksimum uzaklığa ayrılabilen matrisler (MDS) kullanılır. MDS kodlarından türetilen MDS matrisleri kriptografik ilkelerin özelliklerini geliştirir, diferansiyel ve lineer kriptanalize karşı güvenlik sağlamaya yardımcı olur. Ayrıca minimum XOR sayısına sahip ,tersi kendine eşit yani involutif MDS matrisleri şifreleme ve şifre çözmede aynı matrisin kullanımına olanak sağladığı için hem daha düşük maliyete sahiptir hem de alan olarak daha az yer kaplamaktadır. MDS matrislerini oluşturma yöntemleri iki gruba ayrılabilir. Bunlardan birincisi doğrudan oluşturma yöntemleri ve ikincisi ise arama tabanlı yöntemlerdir. İlk yöntem Cauchy matrisi, Vandermonde matrisi, tamamlayıcı matrisler ve kısaltılmış BCH kodlarına ve çarpık özyinelemeli yapılara dayanan yöntemdir. İkinci yöntem ise özyinelemeli yapılar, hibrit yapılar ve özel matris formlarıdır. Verimlilik sağlayan en kolay inşa yöntemlerinden biri için dairesel ve sonlu cisimde Hadamard matrisleri gibi özel matris formları kullanılır. Bu çalışmada hafif sıklet blok şifreler de kullanılan MDS matrislerin üretilmesi için çalışmalar yapılmıştır. İnvolutif MDS matris,XOR sayısı, Genelleştirilmiş Hadamard (GHadamard) ve Cauchy tabanlı Hadamard (Hadamard-Cauchy) matris formları hakkında bilgi vererek ardından uygulamalara geçilmiştir. F_(2^4 ) sonlu cisminde x^4+x+1 indirgenemez polinomunu kullanarak Genelleştirilmiş Hadamard matris formu ile 4x4 involutif MDS matris oluşturulmuştur. F_(2^6 ) sonlu cismi üzerinde x^6+x+1 ve x^6+x^3+1 indirgenemez polinomları kullanılarak Genelleştirilmiş Hadamard matris formu ve Cauchy tabanlı Hadamard matris formu ile birlikte 4x4 involutif MDS matrisler elde edilmiştir. F_(2^7 ) sonlu cisminde ise x^7+x+1 ve x^7+x^3+1 indirgenemez polinomları ile Genelleştirilmiş Hadamard matris formu ve Cauchy tabanlı Hadamard matris formu kullanılarak 4x4 involutif MDS matrsileri oluşturulmuştur. Daha sonra elde ettiğimiz bu matrislerin XOR sayılarını hesaplanmıştır. Böylece F_(2^4 ),F_(2^6 ) ve F_(2^7 ) sonlu cisimleri üzerinde bazı özel matris formları yardımıyla 4x4 involutif MDS matrisleri elde edilmiştir. Ayrıca elde ettiğimiz matrsilerin XOR sayıları da hesaplanmıştır. Bazı uygulamalarımızda oluşturuğumuz matrislerden izomorfizma yardımıyla yeni 4x4 involutif MDS matrisleri elde edilmiştir. Bu yeni oluşturduğumuz matrislerin de XOR sayıları hesaplanarak iki matrisin XOR sayısını kıyaslama şansı elde edilmiştir.

The use of resource-constrained devices (smart cards, radio frequency identification tags (RFD), wireless sensor nodes and the Internet of Things (IoT)) is increasing. So what we call resource-intentional is significantly reduced power consumption, less computational power requirements, less memory capacity consumption and less power supply utilization. While these technologies have brought us convenience, they have also brought some risks. To eliminate these risks, the use of cryptographic algorithms has become inevitable. Especially in resource-constrained devices such as IoT (Internet of Things) WSNs (Wireless Sensor Networks), RFID (Radio Frequency Identification) tags, lightweight encryption algorithms are used to minimize risks. Today, billions of users communicate with each other over insecure communication media. sharing a myriad of information. In this insecure environment, cryptography ensures that information is complete, accurate and guarantees that the message is received in its entirety, because in practice it is not enough just to keep it confidential, it is also important to keep the content of the message it must be determined whether it has been modified. To establish a secure communication channel between the transmitter and receiver channels security services are utilized, information security services are mathematical cryptographic algorithms. To establish a secure communication channel, four the basic information security services are confidentiality, integrity, authentication and is the inability to deny. Today, many users share countless information with each other over insecure communication channel. In this insecure environment, it is cryptography that guarantees that the information reaches the other party completely and accurately. Security services are used for sender-receiver channels and information security services use mathematical cryptographic algorithms. There are four basic information security services for a secure communication channel. These are confidentiality, integrity, authentication and non-repudiation. [48] Maximum distance separable matrices (MDS) are used in the diffusion layers of lightweight block ciphers. MDS matrices derived from mds codes improve the properties of cryptographic primitives and help provide security against differential and linear cryptanalysis. In addition, involutive MDS matrices, which have a minimum XOR number and whose inverse is equal to itself, allow the use of the same matrix in encryption and decryption, which is both less costly and less space consuming. The main motivation for the use of MDS codes in cryptography is that these structures provide excellent propagation. In fact, as introduced by S. Vaudenayin, MDS matrices are isomorphic to multiple permutations over a Z-alphabet, which initially provides excellent propagation. MDS matrices are generated from MDS codes. They have the maximum number of differential and linear branches, which helps to design block ciphers that are resistant to differential and linear cryptanalysis.[45] MDS matrices have gained great importance since the use of MDS matrices in the diffusion layer is known to increase the encryption strength and make ciphers more resistant to linear and cryptanalysis attacks. For this reason, MDS matrix generation has become a field of great interest.[49] Methods for constructing MDS matrices can be divided into two groups. The first one is direct generation methods and the second one is search-based methods. The first group is based on Cauchy matrix, Vandermonde matrix, complement matrices, abbreviated BCH codes and skew recursive structures. The second group includes recursive structures, hybrid structures and special matrix forms. Special matrix forms such as circular and Hadamard matrices over finite field are used for one of the easiest construction methods that provide efficiency.[27] When the methods of creating MDS matrices are examined, it is checked that all square sub-matrices of the matrices created with the search-based method are also MDS, which increases the search cost. In addition, since the space to search for the elements of the created MDS matrix is very large, the applicability of this method in terms of space, speed, efficiency and performance is almost impossible under some conditions (limited system resources). In the direct generation method, on the other hand, since special matrix forms and codes are used to generate the matrix, the space to search for MDS matrices is minimized and thus no search cost is required. MDS matrices created using special matrix forms as Hadamard, Circulant, Toeplitz, Circulant-like require search costs because MDS matrices cannot be created directly with these structures. One of the most important and most costly components in a lightweight cryptography is the diffusion layer. Therefore, the design of the diffusion layers to be formed with a minimum number of hardware elements, especially with low exclusive OR (XOR) count, is one of the open problems in the literature. Generalized-Hadamard (GHadamard-Generalized Hadamard) matrix form is a hybrid method. It uses Hadamard matrices, one of the special matrix forms, in its substructure and generates new MDS matrices directly in Generalized Hadamard form without having to search. The main reason for using Hadamard matrices is that the Hadamard form plays an important role in the generation of involutive MDS matrices. The Hadamard matrix definition is generalized and improved by the generalized Hadamard matrix form [48]. In this paper, we study the generation of MDS matrices used in lightweight block ciphers. We give information about the involutive MDS matrix, XOR number, Generalized Hadamard (GHadamard) and Cauchy-based Hadamard (Hadamard-Cauchy) matrix forms and then proceed to applications. Using the irreducible polynomial x^4+x+1 in the finite field F_(2^4 ), a 4x4 involutive MDS matrix was constructed with the Generalized Hadamard matrix form. Using the irreducible polynomials x^6+x+1 and x^6+x^3+1 on the finite field F_(2^6 ), 4x4 involutive MDS matrices are obtained with the Generalized Hadamard matrix form and the Cauchy-based Hadamard matrix form. In the finite field F_(2^7 ), 4x4 involutive MDS matrices were constructed using the Generalized Hadamard matrix form and Cauchy-based Hadamard matrix form with the irreducible polynomials x^7+x+1 and x^7+x^3+1. Then we computed the XOR numbers of these matrices. Thus, 4x4 involutive MDS matrices were obtained on the finite fields F_(2^4 ), F_(2^6 ) and F_(2^7 ) by using some special matrix forms. We also calculated the XOR numbers of the matrices we obtained. In some of our applications, we obtained new 4x4 involutive MDS matrices with the help of isomorphism from the matrices we created. By calculating the XOR numbers of these newly created matrices, we had the chance to compare the XOR numbers of two matrices.