Construction of 4 x 4 Lightweight Low-Latency Involutory MDS Matrices

As the demand for lightweight cryptographic solutions continues to rise, the need for cryptography applications on devices with limited resources becomes increasingly crucial. In this context, low-area and low-latency implementations of linear layers have emerged as critical factors in the field of lightweight cryptography. Maximal Distance Separable (MDS) matrices, due to their ability to provide maximum branch number and effectively resist differential and linear cryptanalysis, have been widely used in the design of linear diffusion layers in block ciphers. In this paper, we propose an efficient search framework to search for the 4 x 4 low-latency involutory MDS matrices over F-24 and then find lightweight ones among them. With the assistance of this framework, we have discovered 4 involutory MDS matrices that require only 42 XOR gates to be implemented with a circuit depth of 3, resulting in one XOR gate saved compared to the previous best result. Then we have constructed 32 x 32 binary involutory MDS matrices with 84 XOR gates, which are also the best-known results. The 32 x 32 matrices with 84 XORs are trivially obtained from the 42-XOR matrices using the subfield construction. Moreover, we conduct a partial search over F-28 and investigate the impact of the number of identity matrices among 16 entries of a 4 x 4 involutory MDS matrix on the implementation cost.