Journal of Cryptology

, Volume 10, Issue 3, pp 151–161 | Cite as

A construction of a cipher from a single pseudorandom permutation



We suggest a scheme for a block cipher which uses only one randomly chosen permutation,F. The key, consisting of two blocks,K1 andK2, is used in the following way. The message block is XORed withK1 before applyingF, and the outcome is XORed withK2, to produce the cryptogram block. We show that the resulting cipher is secure (when the permutation is random or pseudorandom). This removes the need to store, or generate a multitude of permutations.

Key words

Pseudorandomness DES Block cypher 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    J. Daemen, Limitations of the Even-Mansour construction,Proceedings of AisaCrypt, 1991.Google Scholar
  2. [2]
    M. Luby and C. Rackoff, How to construct pseudorandom permutations from pseudorandom functions,SIAM J. Comput., Vol. 17, No. 2, 1988, pp. 373–386.MATHCrossRefMathSciNetGoogle Scholar
  3. [3]
    National Bureau of Standards,Data Encryption Standard, Federal Information Processing Standard, U.S. Department of Commerce, FIPS PUB 46, Washington, DC, 1977.Google Scholar
  4. [4]
    C. E. Shannon, Communication theory of secrecy systems,Bell System Tech. J., Vol. 28, 1949, pp. 656–715.MathSciNetGoogle Scholar

Copyright information

© International Association for Cryptologic Research 1997

Authors and Affiliations

  1. 1.Computer Science Department, TechnionIsrael Institute of TechnologyHaifaIsrael
  2. 2.Computer Science DepartmentTel-Aviv UniversityTel AvivIsrael

Personalised recommendations