Improving the Generalized Feistel
- Cite this paper as:
- Suzaki T., Minematsu K. (2010) Improving the Generalized Feistel. In: Hong S., Iwata T. (eds) Fast Software Encryption. FSE 2010. Lecture Notes in Computer Science, vol 6147. Springer, Berlin, Heidelberg
The generalized Feistel structure (GFS) is a generalized form of the classical Feistel cipher. A popular version of GFS, called Type-II, divides a message into k > 2 sub-blocks, applies a (classical) Feistel transformation to every two sub-blocks, and then performs a cyclic shift of the k sub-blocks. Type-II GFS has many desirable features for implementation. A drawback, however, is its low diffusion property when k is large. This weakness can be exploited by some attacks, such as the impossible differential attack. To protect against them, Type-II GFS generally needs a large number of rounds.
In this paper, we improve the Type-II GFS's diffusion property by replacing the cyclic shift with a different permutation. Our proposal makes it possible to reduce the number of rounds needed to attain a sufficient level of security. Thus, we improve the security-efficiency trade-off of Type-II GFS. In particular, when k is a power of two, we obtain a significant improvement using a highly effective permutation based on the de Bruijn graph.
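The diffusion gap described in the abstract can be measured directly. The following added example (not code from the paper) counts the rounds a Type-II GFS needs before every output sub-block depends on every input sub-block, for the cyclic shift and for other block shuffles. The sample shuffle, the restriction of the search to shuffles that swap even and odd positions, the round cutoff, and all function names are assumptions made for this example.

```python
from itertools import permutations

def diffusion_rounds(perm, limit=None):
    """Rounds until every output sub-block depends on every input sub-block.

    perm[i] is the position sub-block i moves to after the Feistel layer.
    Returns None if full diffusion is not reached within `limit` rounds
    (default 4*k, a cutoff chosen for this example).
    """
    k = len(perm)
    full = (1 << k) - 1
    dep = [1 << i for i in range(k)]      # dep[i]: bitmask of inputs reaching block i
    for rnd in range(1, (limit or 4 * k) + 1):
        for i in range(0, k, 2):          # Feistel layer: X[i+1] ^= F(X[i])
            dep[i + 1] |= dep[i]
        if all(d == full for d in dep):
            return rnd
        shuffled = [0] * k
        for i, p in enumerate(perm):      # block shuffle: block i moves to perm[i]
            shuffled[p] = dep[i]
        dep = shuffled
    return None

def cyclic_shift(k):
    """The standard Type-II shuffle: every sub-block moves one position left."""
    return [(i - 1) % k for i in range(k)]

# Sample shuffle for k = 8, chosen for this example (an assumption).
SAMPLE_SHUFFLE = [3, 0, 1, 4, 7, 2, 5, 6]

def best_even_odd_shuffle(k):
    """Exhaustively search shuffles that send even positions to odd and odd to even."""
    evens, odds = range(0, k, 2), range(1, k, 2)
    best = (None, None)
    for to_odd in permutations(odds):         # destinations of even-position blocks
        for to_even in permutations(evens):   # destinations of odd-position blocks
            perm = [0] * k
            perm[0::2] = to_odd
            perm[1::2] = to_even
            r = diffusion_rounds(perm)
            if r is not None and (best[0] is None or r < best[0]):
                best = (r, perm)
    return best

if __name__ == "__main__":
    print("cyclic shift, k=8:", diffusion_rounds(cyclic_shift(8)))
    print("sample shuffle, k=8:", diffusion_rounds(SAMPLE_SHUFFLE))
    print("best even-odd shuffle, k=8:", best_even_odd_shuffle(8))
```

With the cyclic shift the count equals k, so it grows linearly with the number of sub-blocks, while a better shuffle for k = 8 reaches full diffusion two rounds earlier.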