Lucifer (cipher)
In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. One version, alternatively named DTD-1, saw commercial use in the 1970s for electronic banking.
One variant, described in (Feistel, 1973), uses a 128-bit key and operates on 128-bit blocks. The cipher is a Substitution-permutation network and uses two 4-bit S-boxes. The key selects which S-boxes are used.
A later Lucifer was a 16-round Feistel network, also on 128-bit blocks and 128-bit keys, described in (Sorkin, 1984). This version was shown to be susceptible to differential cryptanalysis; for about half the keys, the cipher can be broken with 2^{36} chosen plaintexts and 2^{36} time complexity (Ben-Aroya and Biham, 1996).
IBM submitted the Feistel-network version of Lucifer as a candidate for DES (compare the more recent AES process). After some redesign (a reduction to a 56-bit key and 64-bit block, but strengthened against differential cryptanalysis) it became the Data Encryption Standard in 1977.
The name "Lucifer" was apparently a pun on "Demon". This was in turn a truncation of "Demonstration", the name for a privacy system Feistel was working on. The operating system used could not handle the longer name. (See Forth for a similar, also humorous, compression consequence).
References
- Ishai Ben-Aroya, Eli Biham (1996). Differential Cryptanalysis of Lucifer. Journal of Cryptology 9(1), pp. 21–34, 1996.
- Eli Biham, Adi Shamir (1991). Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. CRYPTO 1991: pp156–171
- Whitfield Diffie, Susan Landau (1998). Privacy on the Line: The Politics of Wiretapping and Encryption.
- Horst Feistel, (1973). Cryptography and Computer Privacy". Scientific American, 228(5), May 1973, pp 15–23.
- Stephen Levy. (2001). Crypto: Secrecy and Privacy in the New Code War (Penguin Press Science).
- A. Sorkin, (1984). LUCIFER: a cryptographic algorithm. Cryptologia, 8(1), 22--35, 1984.
External links
Block ciphers |
Algorithms: 3-Way | AES | Blowfish | Camellia | CAST-128 | CAST-256 | CMEA | DEAL | DES | DES-X | FEAL | G-DES | GOST | IDEA | Iraqi | KASUMI | KHAZAD | Khufu and Khafre; | LOKI89/91 | LOKI97 | Lucifer | MacGuffin | Madryga | MAGENTA | MARS | MISTY1 | MMB | NewDES | RC2 | RC5 | RC6 | Red Pike; | S-1 | SAFER | Serpent | SHARK | Skipjack | Square | TEA | Triple DES; | Twofish | XTEA |
Design: Feistel network; | Key schedule; | Product cipher; | S-box | SPN Attacks: Brute force; | Linear / Differential cryptanalysis | Mod n; | XSL Standardisation: AES process; | CRYPTREC | NESSIE Misc: Avalanche effect | Block size; | IV | Key size; | Modes of operation; | Piling-up lemma; | Weak key; |