A note on cyclic MDS and non-MDS matrices
Tapas Chatterjee, Ayantika Laha
TL;DR
The paper investigates the relationship between cyclic and circulant matrices in the context of diffusion-layer MDS properties. It proves a unique permutation mapping that converts cyclic matrices to circulant form and generalizes g-circulant representations, enabling transfer of known circulant results to cyclic matrices. A key result is that for $2^d\times2^d$ matrices over a field of characteristic 2 with $\gcd(g,2^d)=1$, the determinant of a $g$-circulant matrix satisfies $\det(A)=\left(\sum_i c_i\right)^{2^d}$ and $A^{2^d}=\left(\sum_i c_i^{2^d}\right) I$, which implies such matrices cannot be both orthogonal and MDS; this nonexistence extends to cyclic matrices of the same order. The findings constrain the construction of diffusion layers using cyclic MDS/orthogonal matrices in characteristic 2 and open directions for other orders and generalized properties. The work provides structural insights with practical implications for hardware-friendly diffusion-layer design and emphasizes order-dependent limitations in the MDS/orthogonal regime.
Abstract
In 1998, Daemen et al. introduced a circulant Maximum Distance Separable (MDS) matrix in the diffusion layer of the Rijndael block cipher, drawing significant attention to circulant MDS matrices. This block cipher is now universally acclaimed as the AES block cipher. In 2016, Liu and Sim introduced cyclic matrices by modifying the permutation of circulant matrices and established the existence of MDS property for orthogonal left-circulant matrices, a notable subclass within cyclic matrices. While circulant matrices have been well-studied in the literature, the properties of cyclic matrices are not. Back in 1961, Friedman introduced $g$-circulant matrices which form a subclass of cyclic matrices. In this article, we first establish a permutation equivalence between a cyclic matrix and a circulant matrix. We explore properties of cyclic matrices similar to $g$-circulant matrices. Additionally, we determine the determinant of $g$-circulant matrices of order $2^d \times 2^d$ and prove that they cannot be simultaneously orthogonal and MDS over a finite field of characteristic $2$. Furthermore, we prove that this result holds for any cyclic matrix.
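The determinant and power identities from the TL;DR, and the orthogonal-versus-MDS conflict, can be checked numerically on small cases. The Python below is an added illustration, not code from the paper. It assumes GF(2^8) with the AES polynomial 0x11B and Friedman's row-shift convention for $g$-circulant matrices, and all function names are hypothetical.

```python
from functools import reduce
from itertools import combinations, product
from operator import xor

def gmul(a, b):  # product in GF(2^8) modulo the AES polynomial 0x11B (assumed field)
    r = 0
    while b:
        r ^= a * (b & 1)
        a, b = (a << 1) ^ (0x11B * (a >> 7)), b >> 1
    return r

def gpow(a, e):
    return reduce(gmul, [a] * e, 1)

def g_circulant(c, g):
    # Assumed convention (Friedman): each row is the previous row shifted right by g.
    n = len(c)
    return [[c[(j - g * i) % n] for j in range(n)] for i in range(n)]

def mat_mul(A, B):
    n = range(len(A))
    return [[reduce(xor, (gmul(A[i][k], B[k][j]) for k in n)) for j in n] for i in n]

def det(M):  # Laplace expansion on row 0; cofactor signs vanish in characteristic 2
    if not M:
        return 1
    minors = ([row[:j] + row[j + 1:] for row in M[1:]] for j in range(len(M)))
    return reduce(xor, (gmul(M[0][j], det(m)) for j, m in enumerate(minors)))

def is_mds(M):  # MDS iff every square submatrix is nonsingular
    idx = range(len(M))
    return all(det([[M[r][c] for c in cs] for r in rs]) for k in range(1, len(M) + 1)
               for rs in combinations(idx, k) for cs in combinations(idx, k))

def is_orthogonal(M):
    n = range(len(M))
    return mat_mul(M, [list(r) for r in zip(*M)]) == [[int(i == j) for j in n] for i in n]

def identities_hold(c, g):
    # det(A) = (sum c_i)^n and A^n = (sum c_i^n) I, with n = len(c) = 2^d and g odd.
    n, A = len(c), g_circulant(c, g)
    s, t = reduce(xor, c), reduce(xor, (gpow(x, n) for x in c))
    scalar = [[t * (i == j) for j in range(n)] for i in range(n)]
    return det(A) == gpow(s, n) and reduce(mat_mul, [A] * n) == scalar

def search(values, g, n=4):  # (#orthogonal, #orthogonal and MDS) over first rows from values
    orth = [A for c in product(values, repeat=n) if is_orthogonal(A := g_circulant(c, g))]
    return len(orth), sum(is_mds(A) for A in orth)
```

With first row (2, 3, 1, 1) and $g=1$ this builds the AES MixColumns matrix, which is MDS but not orthogonal. `search(range(8), g)` enumerates every $4\times4$ $g$-circulant with entries in 0..7 and finds orthogonal matrices but none that is also MDS.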
