Learn and talk about Lucifer (cipher), Broken block ciphers, Data Encryption Standard, Feistel ciphers

This article includes a list of references, related reading or external links, but its sources remain unclear because it lacks inline citations. Please improve this article by introducing more precise citations. (March 2009)

In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. One version, alternatively named DTD-1, saw commercial use in the 1970s for electronic banking.

1 Overview
2 Description of the Sorkin variant
3 References
4 External links

Overview [edit]

One variant, described in (US Patent 3,798,359; June 1971), uses a 48-bit key and operates on 48-bit blocks. The cipher is a Substitution-permutation network and uses two 4-bit S-boxes. The key selects which S-boxes are used. The patent describes the execution of the cipher operating on 24-bits at a time, and also a sequential version operating on 8-bits at a time.

Another variant, described in (US Patent 3,796,830; Nov 1971), uses a 64-bit key operating on a 32-bit block, using one addition mod 4 and a singular 4-bit S-box. The construction is designed to operate on 4 bits per clock cycle. This may be one of the smallest block-cipher implementations known.

A stronger variant, described in (Feistel, 1973), uses a 128-bit key and operates on 128-bit blocks. The cipher is a Substitution-permutation network and uses two 4-bit S-boxes. The key selects which S-boxes are used.

A later Lucifer was a 16-round Feistel network, also on 128-bit blocks and 128-bit keys, described in (Sorkin, 1984). This version was shown to be susceptible to differential cryptanalysis; for about half the keys, the cipher can be broken with 2³⁶ chosen plaintexts and 2³⁶ time complexity (Ben-Aroya and Biham, 1996).

IBM submitted the Feistel-network version of Lucifer as a candidate for the Data Encryption Standard (compare the more recent AES process). It became the DES after the National Security Agency reduced the cipher's key size to 56 bits, reduced the block size to 64 bits, and made the cipher resistant against differential cryptanalysis, which was at the time known only to IBM and the NSA.

The name "Lucifer" was apparently a pun on "Demon". This was in turn a truncation of "Demonstration", the name for a privacy system Feistel was working on.^{[citation needed]} The operating system used could not handle the longer name.

Description of the Sorkin variant [edit]

The variant described in (Sorkin, 1984) has 16 Feistel rounds, like DES, but no initial or final permutations. The key and block sizes are both 128 bits. The Feistel function operates on a 64-bit half-block of data, together with a 64-bit subkey and 8 "interchange control bits" (ICBs). The ICBs control a swapping operation. The 64-bit data block is considered as a series of eight 8-bit bytes, and if the ICB corresponding to a particular byte is zero, the left and right 4-bit halves (nibbles) are swapped. If the ICB is one, the byte is left unchanged. Each byte is then operated on by two 4×4-bit S-boxes, denoted S₀ and S₁ — S₀ operates on the left 4-bit nibble and S₁ operates on the right. The resultant outputs are concatenated and then combined with the subkey using exclusive or (XOR); this is termed "key interruption". This is followed by a permutation operation in two stages; the first permutes each byte under a fixed permutation. The second stage mixes bits between the bytes.

The key-scheduling algorithm is relatively simple. Initially, the 128 key bits are loaded into a shift register. Each round, the left 64 bits of the register form the subkey, and right eight bits form the ICB bits. After each round, the register is rotated 56 bits to the left.

References [edit]

Horst Feistel. Block Cipher Cryptographic System, US Patent 3,798,359. Filed June 30, 1971. (IBM)
John Lynn Smith. Recirculating Block Cipher Cryptographic System, US Patent 3,796,830. Filed Nov 2, 1971. (IBM)
Horst Feistel, (1973). Cryptography and Computer Privacy". Scientific American, 228(5), May 1973, pp 15–23.
A. Sorkin, (1984). LUCIFER: a cryptographic algorithm. Cryptologia, 8(1), 22–35, 1984.
Eli Biham, Adi Shamir (1991). Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. CRYPTO 1991: pp156–171
Ishai Ben-Aroya, Eli Biham (1996). Differential Cryptanalysis of Lucifer. Journal of Cryptology 9(1), pp. 21–34, 1996.
Whitfield Diffie, Susan Landau (1998). Privacy on the Line: The Politics of Wiretapping and Encryption.
Steven Levy. (2001). Crypto: Secrecy and Privacy in the New Code War (Penguin Press Science).

External links [edit]

John Savard's description of Lucifer

v t e IBM

History	History of IBM Mergers and acquisitions Think (motto) Operating Systems

Products	Cell microprocessor Mainframe Personal Computer IBM Power Systems Information Management Lotus Software Rational SPSS ILOG Tivoli: Service Automation Manager WebSphere alphaWorks Criminal Reduction Utilising Statistical History Mashup Center PureQuery Redbooks Fortran

Business entities	Global Services jStart Research International

Facilities	Towers Montreal Atlanta Software Labs Rome Toronto IBM Buildings Chicago Johannesburg Seattle Research Labs Austin China Tokyo Zurich Haifa India Almaden Facilities Hakozaki Yamato IBM Scientific Center Hursley House Canada Head Office Building Thomas J. Watson Research Center IBM Rochester Somers Office Complex

Initiatives	Academy of Technology Centers for Advanced Studies: CASCON Deep Thunder IBM Fellow IBM Distinguished Engineer Pulse conference The Great Mind Challenge DeveloperWorks: Develothon Linux Technology Center IBM Virtual Universe Community Smarter Planet

Inventions	Automated teller machine (ATM) Electronic keypunch Hard disk drive Floppy disk DRAM Relational model Selectric Typewriter Financial swaps Universal Product Code Magnetic stripe card SABRE airline reservation system Scanning tunneling microscope

Terminology	Globally Integrated Enterprise Commercial Processing Workload Consumability Technology dividend e-business

CEOs	T. J. Watson (1914–1956) T. J. Watson, Jr. (1956–1971) T. V. Learson (1971–1973) F. T. Cary (1973–1981) J. R. Opel (1981–1985) J. F. Akers (1985–1993) L. V. Gerstner, Jr. (1993–2002) S. J. Palmisano (2002–2011) V. M. Rometty (2012–present)

Board of directors	Alain Belda William R. Brody Kenneth Chenault Michael L. Eskew David Farr Shirley Ann Jackson Andrew N. Liveris James McNerney James W. Owens Samuel J. Palmisano Virginia M. Rometty Joan E. Spero Sidney Taurel Lorenzo Zambrano

Other	A Boy and His Atom Common Public License/IBM Public License Customer engineer Deep Thought Dynamic infrastructure GUIDE International IBM and the Holocaust IBM international chess tournament Lucifer cipher Mathematica SHARE computing ScicomP Watson (computer)

v t e Block ciphers (security summary)

Common algorithms	AES Blowfish DES Triple DES Serpent Twofish

Less common algorithms	Camellia CAST-128 IDEA RC2 RC5 SEED Skipjack TEA XTEA

Other algorithms	3-Way Akelarre Anubis ARIA BaseKing BassOmatic BATON BEAR and LION CAST-256 CIKS-1 CIPHERUNICORN-A CIPHERUNICORN-E CLEFIA CMEA Cobra COCONUT98 Crab Cryptomeria/C2 CRYPTON CS-Cipher DEAL DES-X DFC E2 FEAL FEA-M FROG G-DES GOST Grand Cru Hasty Pudding cipher Hierocrypt ICE IDEA NXT Intel Cascade Cipher Iraqi KASUMI KeeLoq KHAZAD Khufu and Khafre KN-Cipher Ladder-DES Libelle LOKI97 LOKI89/91 Lucifer M6 M8 MacGuffin Madryga MAGENTA MARS Mercy MESH MISTY1 MMB MULTI2 MultiSwap New Data Seal NewDES Nimbus NOEKEON NUSH PRESENT Q RC6 REDOC Red Pike S-1 SAFER SAVILLE SC2000 SHACAL SHARK SMS4 Spectr-H64 Square SXAL/MBAL Threefish Treyfer UES Xenon xmx XXTEA Zodiac

Design	Feistel network Key schedule Product cipher S-box P-box SPN

Attack (cryptanalysis)	Brute force MITM Linear Differential (Impossible Truncated Higher-order) Integral Boomerang Mod n Related-key Slide Rotational Timing XSL Interpolation Partitioning Davies'

Standardization	AES process CRYPTREC NESSIE

Misc	Avalanche effect Block size Initialization vector Key size Modes of operation Padding Piling-up lemma Weak key EFF DES cracker Key whitening

v t e Cryptography

History of cryptography Cryptanalysis Cryptography portal Outline of cryptography

Symmetric-key algorithm Block cipher Stream cipher Public-key cryptography Cryptographic hash function Message authentication code Random numbers Steganography

Original courtesy of Wikipedia: http://en.wikipedia.org/wiki/Lucifer_(cipher) — Please support Wikipedia.
A portion of the proceeds from advertising on Digplanet goes to supporting Wikipedia.

Lucifer (cipher)

Contents

Overview [edit]

Description of the Sorkin variant [edit]

References [edit]

External links [edit]

Talk About Lucifer (cipher)

Support Wikipedia