Questions tagged [matrix-multiplication]

Matrix multiplication is a row-by-column operation: the entries in the Xth row of A are multiplied by the corresponding entries in the Yth column of B, and the results are then added.

58 questions
10
votes
1 answer

How to calculate active s-boxes from branch number?

If MDS in AES has branch number 5 (so 5 active s-boxes in 2 rounds), wouldn't that mean 4 rounds of AES has $5*2=10$ active s-boxes? AES paper says it has 25 ($5^2$?) active s-boxes in 4 rounds. How to calculate minimal active s-boxes from branch…
LightBit
8
votes
2 answers

How do Käsper and Schwabe's Bitsliced AES Mixcolumns work?

The only way I see it possible to do the matrix-multiplication in the MixColumns operation of AES is by shifting the bits in the multiplied number, and then reduce with the polynomial if needed. This can be done in constant time for a bitsliced…
8
votes
2 answers

Matrix key exchange

Given is a square matrix $M$ over a field $F$, we have a key exchange with the following conditions: Person $X$ sends a message to Person $Y$: $C_{1}=AM$, where $A$ is a randomly chosen square matrix. Person $Y$ sends a message to Person $X$:…
5
votes
1 answer

How difficult is inverting a non-square matrix?

Partially inspired by ring learning with errors (RLWE), I am trying to construct a cryptosystem that requires the use of a non-invertible matrix. Of the methods I've thought of to generate a matrix of determinant $0$, erasing a row/column or two…
DannyNiu
5
votes
2 answers

Advantages of Montgomery Ladder-based Scalar Multiplication

I do not quite understand what the greatest advantages are of using the Montgomery ladder algorithm for scalar multiplication? Can someone help me out?
5
votes
1 answer

What is the branch number of this matrix?

We have the following matrix: $$\begin{pmatrix}0&1&1&1\\ 1&0&1&1\\ 1&1&0&1\\ 1&1&1&0\end{pmatrix}$$ What is the branch number? Is this an MDS matrix?
LightBit
4
votes
0 answers

Why are matrices so common in symmetric encryption?

Matrices have been used in symmetric ciphers since the Hill Cipher (before?) all the way up to modern ciphers such as Twofish and AES. I understand matrices can be invertible, therefore making them useful for decryption, but what other benefits do…
4
votes
0 answers

Is the matrix step of GNFS still the hardest part?

When the factorization of RSA-768 was announced in December 2009: the sieving took about 24 months and the matrix step took 119 days (4 months). So sieving took about 6 times as long. This is despite them over-sieving, meaning they spent longer on…
3
votes
0 answers

Proof of knowledge of exponentiations

I am reading a paper of Furukawa and Sako, "An efficient scheme for proving a shuffle" from 2001. This paper writes a protocol for verifiable shuffling in mixnets. Their protocol makes use of permutation matrixes, and they consider the use of ElGamal…
3
votes
1 answer

How to multiply a matrix of bits with another?

For example, assume I have two 4x4 matrices of bits: 1 1 1 1 1 1 1 0 0 0 0 0 0 1 1 1 1 0 0 1 1 0 1 1 0 1 1 1 1 0 1 0 I want to apply matrix multiplication for the modified IDEA (International Data Encryption Algorithm).…
goldroger
3
votes
1 answer

Prove the branch of number of Advanced Encryption Standard

In the Advanced Encryption Standard (AES) document, page 27, section 7.3.1, it defines branch number. It said "Let F be a linear transformation acting on byte vectors and let the byte weight of a vector be the number of nonzero bytes. The…
Rikeijin
3
votes
1 answer

Why does AES use a Binary Field?

The key idea in AES is the use of matrix multiplication and the corresponding inverse (as opposed to Feistel). But the algorithm does that using a GF instead of simple modular arithmetic. Is there any obvious reason to not use simple modular…
Tuntable
3
votes
1 answer

Twofish MDS multiplication

I wasted the last 2 days finding literature and/or some illustrative explanations on how to perform correct multiplications against the MDS-Matrix in Twofish over $\operatorname{GF}(256)$ with $x^8 + x^6 + x^5 + x^3 + 1$. There seems to be no method…
user2762996
3
votes
1 answer

Why are $\{0,1\}$-matrices almost-MDS only when n is 2, 3, or 4?

In this paper the authors claim that $\{0,1\}$-matrices are almost-MDS (have branch number $n - 1$) only when $n$ is $2, 3,$ or $4$. For example, how can these two matrices have the same branch…
LightBit
3
votes
1 answer

Constructing of 16x16 Involutory Binary Matrices of Branch Number 7

In the PDF “Algebraic Construction of 16×16 Binary Matrices of Branch Number 7 with One Fixed Point”, it was given that: Matrix 1h = 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 1 Matrix 2h = 0 0 0 1 1 0 0 1 …
venkatesh