In this paper, we propose an efficient method to find lightweight involutory MDS matrices. To obtain involutory matrices, we give a necessary and sufficient condition for judging the involutory MDS property and propose a search method. For the \(n\times n\) involutory MDS matrices over \({\mathbb {F}}_{2^m}\), the amount of computation is reduced from \(2^{mn^2}\) to \(2^{(mn^2)/2}\). Especially, we can exhaustively search for involutory MDS matrices when \(n=4\), and for larger n, we add additional restrictions to reduce the search range. As for finding lightweight ones, we use the permutation-equivalent class to extend the input such that the efficiency of the heuristic designed by Xiang et al. can be improved. Applying our method, we obtain a class of \(16\times 16\) binary MDS matrices with branch number 5, which can be implemented with only 35 XOR gates. The results even reach the same implementation cost as the lightest non-involutory MDS matrix up to now. Concerning lightweight binary matrices with order 32, it is hard to obtain optimal results through search. Hence, we construct \(32\times 32\) matrices with the lightweight \(16 \times 16\) matrices that we found. In this way, we obtain two classes of \( 4 \times 4 \) involutory MDS matrices whose entries are \( 8 \times 8 \) binary matrices with 70 XOR gates while the previous lightest matrices with the same size cost 78 XOR gates. Moreover, we also generalize our search method to general cases and it is provable that the approach is feasible for MDS matrices of order 6 and 8 to achieve efficient search.

在本文中，我们提出了一种有效的方法来找到轻量级的不对称MDS矩阵。为了获得非对开矩阵，我们给出了判断非对开MDS属性的必要和充分条件，并提出了一种搜索方法。对于\（{\ mathbb {F}} _ {2 ^ m} \）上的\（n \ timesn \）个非强制MDS矩阵，计算量从\（2 ^ {mn ^ 2} \）减少到\（2 ^ {（mn ^ 2）/ 2} \）。特别是，当\（n = 4 \）时，我们可以穷举搜索不合规的MDS矩阵；对于更大的n，我们可以穷举搜索。，我们增加了其他限制以缩小搜索范围。至于寻找轻量级的方法，我们使用等价的类来扩展输入，以使Xiang等人设计的启发式方法的效率更高。可以改善。应用我们的方法，我们获得一类\（16 \ times 16 \）二进制MDS矩阵，其分支号为5，该矩阵只能用35个XOR门来实现。到目前为止，结果甚至达到了与最轻巧的非自愿MDS矩阵相同的实施成本。关于阶数为32的轻量级二进制矩阵，很难通过搜索获得最佳结果。因此，我们使用发现的轻量级\（16 \ times 16 \）矩阵构造\（32 \ times 32 \）矩阵。这样，我们获得了两类\（4 \ times 4 \）非强制性MDS矩阵，其条目为\（8 \ times 8 \）具有70个XOR门的二进制矩阵，而以前的最轻的具有相同XOR矩阵的成本为78 XOR门。此外，我们还将搜索方法推广到一般情况，并且证明该方法对于阶数为6和8的MDS矩阵是可行的，以实现有效的搜索。