What is a Feistel Cipher in Information Security?

A Feistel cipher is a cryptographic approach used in the construction of block cipherbased algorithms and structure. A Feistel network implements a sequence of iterative ciphers on a block of information and is frequently designed for block ciphers that encrypt huge quantities of data.

A Feistel network operates by splitting the data block into two same pieces and using encryption in multiple rounds. Each round implements permutation and sequence derived from the primary function or key. The number of rounds change for each cipher that implements a Feistel network.

A Feistel cipher is a multi-round cipher that divides the current private state of the cipher into two parts and works only on an individual part in each round of encryption or decryption.

Feistel proposed that it can approximate the conceptual block cipher by using the concept of a product cipher, which is the execution of two or more simple ciphers in sequence in such a method that the final result or product is cryptographically better than any of the component ciphers.

The essence of the method is to create a block cipher with a key length of k bits and a block length of n bits, enabling a total of possible 2k transformations, instead of 2n! Transformation available with the ideal block cipher.

Feistel proposed the usage of a cipher that alternates substitutions and permutations, where these methods are defined as follows −

Substitution − Each plaintext component or set of component is uniquely restored by a corresponding cipher text component or set of component.

Permutation − An order of plaintext component is resaved by a permutation of that order. That is, no elements are inserted or removed or replaced in the sequence, instead of order in which the elements appear in the sequence is changed.

Feistel ciphers is known as key schedule that facilitates as an input to each round of the cipher. There are two available choices for a key schedule.

The first is that the key for each round of the cipher (or "round key") is contained in the secret key shared by the two parties (resulting in a high shared secret key).

The other alternative is that the shared secret key is used as an input to a "key expansion" function which implement some operation on the previous round key or the current internal state of the key generation algorithm to create the next round key.

The K function transforms the original secret key into round keys for each round of encryption. This function should be selected to support the key space of the encryption function.

If a 64-bit secret key is needed, but at similar point the effective key space shrinks to 32 bits, therefore an attacker only has to search a space of 32-bit keys in order to decrypt the ciphertext.

Updated on: 11-Mar-2022


Kickstart Your Career

Get certified by completing the course

Get Started