Path: illuminati.io.com!uunet!newshost.marcam.com!news.mathworks.com!news.
+     duke.edu!news-feed-1.peachnet.edu!gatech!howland.reston.ans.net!math.
+     ohio-state.edu!cis.ohio-state.edu!nntp.sei.cmu.edu!bb3.andrew.cmu.edu!
+     cantaloupe.srv.cs.cmu.edu!ralf
From: Ralf Brown 
Newsgroups: sci.crypt

Subject: Re: Generalized Feistel Networks
Date: 3 Apr 1995 15:23:07 GMT
Organization: Just me and my PC....
Lines: 22
Message-ID: <2f7ff280@ralf>
NNTP-Posting-Host: b.gp.cs.cmu.edu
In-Reply-To: <3lo2ch$br8@blackice.winternet.com>
Originator: ralf@B.GP.CS.CMU.EDU

In article <3lo2ch$br8@blackice.winternet.com>, schneier@klondike.winternet.com 
(Bruce Schneier) wrote:
}The key idea of a Feistel network is it turns a non-invertable one-way
}function into an invertable block cipher.  Look at DES; what is usually
}considered to be function f is everything but that final XOR.  A Feistel
}network is really:
}
}     A' = B
}     B' = A XOR f(B)
}
}That function f does not have to be invertable at all; the Feistel structure
}takes care of the invertability.

Fair enough.  RC5 (as presented in DDJ) does two Feistel-type rounds per
RC5 round, but uses an invertible g(A,B) instead of A XOR f(B).
(Feistel ciphers get a significant performance win out of unrolling the
inner loop by a factor of two, since you can then avoid physically
swapping the halves)

-- 
Internet: RALF+@CS.CMU.EDU  | The University would disclaim this if it knew...
FIDO: Ralf Brown 1:129/26.1 | "Determine that the thing can and shall be done,
BIT: RALF%CS.CMU.EDU@MITVMA | and then we shall find the way." Abraham Lincoln