Path: illuminati.io.com!uunet!newshost.marcam.com!news.mathworks.com!news. + duke.edu!news-feed-1.peachnet.edu!gatech!howland.reston.ans.net!math. + ohio-state.edu!cis.ohio-state.edu!nntp.sei.cmu.edu!bb3.andrew.cmu.edu! + cantaloupe.srv.cs.cmu.edu!ralf From: Ralf BrownNewsgroups: sci.crypt Subject: Re: Generalized Feistel Networks Date: 3 Apr 1995 15:23:07 GMT Organization: Just me and my PC.... Lines: 22 Message-ID: <2f7ff280@ralf> NNTP-Posting-Host: b.gp.cs.cmu.edu In-Reply-To: <3lo2ch$br8@blackice.winternet.com> Originator: ralf@B.GP.CS.CMU.EDU In article <3lo2ch$br8@blackice.winternet.com>, schneier@klondike.winternet.com (Bruce Schneier) wrote: }The key idea of a Feistel network is it turns a non-invertable one-way }function into an invertable block cipher. Look at DES; what is usually }considered to be function f is everything but that final XOR. A Feistel }network is really: } } A' = B } B' = A XOR f(B) } }That function f does not have to be invertable at all; the Feistel structure }takes care of the invertability. Fair enough. RC5 (as presented in DDJ) does two Feistel-type rounds per RC5 round, but uses an invertible g(A,B) instead of A XOR f(B). (Feistel ciphers get a significant performance win out of unrolling the inner loop by a factor of two, since you can then avoid physically swapping the halves) -- Internet: RALF+@CS.CMU.EDU | The University would disclaim this if it knew... FIDO: Ralf Brown 1:129/26.1 | "Determine that the thing can and shall be done, BIT: RALF%CS.CMU.EDU@MITVMA | and then we shall find the way." Abraham Lincoln