Scribd
Upload
394 views4 pages

Feistel Cipher

The Feistel cipher uses a substitution-permutation network structure where the plaintext is divided into two blocks, one block is used as input to a round function along with a subkey, and the output is XOR'd with the other block. This process is repeated in rounds with different subkeys, and the blocks are swapped at the end of each round. Feistel encryption and decryption are similar processes that use the subkeys in reverse order. Key parameters of a Feistel cipher include the block size, key size, number of rounds, and design of the subkey generation and round functions.

Uploaded by

Nikhil Mane
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
394 views4 pages

Feistel Cipher

The Feistel cipher uses a substitution-permutation network structure where the plaintext is divided into two blocks, one block is used as input to a round function along with a subkey, and the output is XOR'd with the other block. This process is repeated in rounds with different subkeys, and the blocks are swapped at the end of each round. Feistel encryption and decryption are similar processes that use the subkeys in reverse order. Key parameters of a Feistel cipher include the block size, key size, number of rounds, and design of the subkey generation and round functions.

Uploaded by

Nikhil Mane
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Feistel Cipher:

Feistel proposed a cryptographically stronger cipher that alternates substitutions and


permutations.

Feistel Encryption:
The left part of Figure 1 shows the Feistel Encryption.
The inputs to the encryption algorithm are a plaintext block of length 2w bits and a key K
The plaintext block is divided into two halves, L0 and R0.
The two halves of the data pass through n rounds of processing and then combine to produce
the ciphertext block.
Each round i has as inputs Li - 1 and Ri - 1 derived from the previous round, as well as a
subkey Ki derived from the overall K.
In general, the subkeys Ki are different from K and from each other.

All rounds have the same structure.


A substitution is performed on the left half of the data.
This is done by applying a round function F to the right half of the data and then taking the
exclusive-OR of the output of that function and the left half of the data.
The round function has the same general structure for each round but only differs in the
round subkey Ki.
Following this substitution, a permutation is performed that consists of the interchange of
the two halves of the data.
This structure is a particular form of the substitution-permutation network (SPN) proposed
by Shannon.

Feistel Decryption
The process of decryption with a Feistel cipher is essentially the same as the encryption
process.
The right part of Figure 1 shows Feistel cipher decryption.
The rule is as follows: Use the ciphertext as input to the algorithm, but use the subkeys Ki in
reverse order. That is, use Kn in the first round, Kn - 1 in the second round, and so on, until
K1 is used in the last round.

The notations LEi and REi are used for data traveling through the encryption algorithm and
LDi and RDi for data traveling through the decryption algorithm.
The diagram indicates that, at every round, the intermediate value of the decryption process
is equal to the corresponding value of the encryption process with the two halves of the value
swapped.
Figure 1: Feistel Encryption and Decryption
NOTE: Figure 2 is not necessary to draw it if Feistel Encryption and Decryption is asked.
You should write it only if Classical Feistel Network is asked.

Figure 2: Classical Feistel Network


The exact realization of a Feistel network depends on the choice
of the following parameters and design features:

Block size: Larger block sizes mean greater security (all other things being equal) but
reduced encryption/decryption speed for a given algorithm. The greater security is achieved
by greater diffusion. Traditionally, a block size of 64 bits has been considered a reasonable
tradeoff and was nearly universal in block cipher design.

Key size: Larger key size means greater security but may decrease encryption/ decryption
speed. The greater security is achieved by greater resistance to brute-force attacks and greater
confusion. Key sizes of 64 bits or less are now widely considered being inadequate and 128
bits has become a common size.

Number of rounds: The essence of the Feistel cipher is that a single round offers inadequate
security but that multiple rounds offer increasing security. A typical size is 16 rounds.

Subkey generation algorithm: Greater complexity in this algorithm should lead to greater
difficulty of cryptanalysis.

Round function F: Again, greater complexity generally means greater resistance to


cryptanalysis.

There are two other considerations in the design of a Feistel cipher:

Fast software encryption/decryption: In many cases, encryption is embedded in


applications or utility functions in such a way as to prohibit a hardware implementation.
Accordingly, the speed of execution of the algorithm becomes a concern.

Ease of analysis: Although we would like to make our algorithm as difficult as possible to
cryptanalyze, there is great benefit in making the algorithm easy to analyze. That is, if the
algorithm can be concisely and clearly explained, it is easier to analyze that algorithm for
cryptanalytic vulnerabilities and therefore develop a higher level of assurance as to its
strength. DES, for example, does not have an easily analyzed functionality.

Compiled By: Prof. Radhika Kotecha


Reference: Cryptography and Network Security by William Stallings

You might also like