Many modern symmetric ciphers apply MDS or almost MDS matrices as diffusion layers. The performance of a diffusion layer depends on its diffusion property measured by branch number and implementation cost which is usually measured by the number of XORs required. As the implementation cost of MDS matrices of large dimensions is high, some symmetric ciphers use binary matrices as diffusion layers to trade-off efficiency versus diffusion property. In the current paper, we investigate cyclic binary matrices (CBMs for short), mathematically. Based upon this theorical study, we provide efficient matrices with provable lower bound on branch number and minimal number of fixed-points. We consider the product of sparse CBMs to construct efficiently implementable matrices with the desired cryptographic properties.

中文翻译：

---

循环二进制矩阵的密码学性质

许多现代对称密码将MDS或几乎MDS矩阵用作扩散层。扩散层的性能取决于其扩散性能，该扩散性能由分支数和实施成本来衡量，而实施成本通常由所需的XOR数量来衡量。由于大尺寸MDS矩阵的实现成本很高，一些对称密码使用二进制矩阵作为扩散层来权衡效率与扩散特性。在本文中，我们以数学方式研究了循环二进制矩阵（简称CBM）。基于此理论研究，我们提供了具有可证明的分支数量下限和最少固定点数量的有效矩阵。我们考虑稀疏CBM的乘积来构建具有所需密码属性的有效可实施矩阵。