Newsgroups: sci.crypt Path: illuminati.io.com!uunet!rose.uthscsa.edu!al.skidmore.edu!news. + sprintlink.net!crash!straits From: straits@crash.cts.com (Stewart Strait) Subject: Re: Generalized Feistel Networks Organization: CTS Network Services (CTSNET), San Diego, CA Date: Mon, 3 Apr 1995 06:00:17 GMT Message-ID:X-Newsreader: TIN [version 1.2 PL2] References: <3lndp5$nm4@cantaloupe.srv.cs.cmu.edu> Sender: news@crash.cts.com (news subsystem) Nntp-Posting-Host: crash.cts.com Lines: 28 Ralf Brown (ralf+@cs.cmu.edu) wrote: .... : This idea can be generalized to the N parts of a block (said block naturally : being larger than in the N=2 case normally used). For instance, if N=4, : then the subblocks A,B,C,D of a block would be transformed as follows for : encryption: : A' = D : B' = f(A,B) : C' = f(B,C) : D' = f(C,D) : with decryption using : D = A' : C = f'(D,D') : B = f'(C,C') : A = f'(B,B') .... : We can further generalize by using multiple mixing functions--there could : be up to N-1 distinct mixing functions applied in each round. This will : naturally require careful design to avoid sets of functions which neutralize : each other. If the mixing functions are linear, we get a simple form of the Hill System, i.e. ciphertext vector=key matrix * plaintext vector, since every invertible matrix is a product of matrix representations of elementary row operations. The Hill System is not secure (at all!) against known plaintext attack, but it's interesting that it is Feistel-like.