Junod, PascalVaudenay, Serge2007-01-192007-01-192007-01-19200410.1007/978-3-540-30564-4_6https://infoscience.epfl.ch/handle/20.500.14299/239784WOS:0002285515000066786Although linear perfect diffusion primitives, i.e. MDS matrices, are widely used in block ciphers, e.g. AES, very little systematic work has been done on how to find ``efficient'' ones. In this paper we attempt to do so by considering software implementations on various platforms. These considerations lead to interesting combinatorial problems: how to maximize the number of occurrences of 1 in those matrices, and how to minimize the number of pairwise different entries. We investigate these problems and construct efficient $4\times4$ and $8\times8$ MDS matrices to be used e.g. in block ciphers.NCCR-MICSNCCR-MICS/CL3text::conference output::conference proceedings::conference paper