FPGAKey Logo
This website uses cookies. By using this site, you consent to the use of cookies. For more information, please take a look at our Privacy Policy.
Home > FPGA Technical Tutorials > Design Recipes for FPGAs Using Verilog and VHDL > Secure Systems > Feistel Lattice Structures

TABLE OF CONTENTS

Xilinx FPGA FPGA Forum

Feistel Lattice Structures

FONT SIZE : AAA

A block cipher operates on a plaintext block of n bits to produce a block of ciphertext of n bits. For the algorithm to be reversible (i.e., for decryption to be possible) there must be a unique mapping between the two sets of blocks. This can also be called a non singular transformation. For example, consider the following transformations as shown in Figure 10.1. 

Obviously, this is essentially a substitution cipher, which may be susceptible to the standard statistical analysis techniques used for simple cryptanalysis of text (such as frequency analysis). As the block size increases, then this becomes increasingly less feasible. An obvious practical difficulty with this approach is the number of transformations required as n increases. This mapping is essentially the key and the number of bits will determine the key size. Therefore, for an n-bit general substitution block cipher, the key size is calculated as follows:

key = n × 2n  (10.1)

For a specific case where n = 64, the key size becomes 64 × 264 = 1021.

In order to get around this complexity problem, Feistel proposed an approach called a product cipher whereby the combination of several simple steps leads to a much more cryptographically secure solution than any of the component ciphers used. His approach relies on the alternation of two types of function:

• Diffusion 

• Confusion

Reversible and irreversible transformationspng

Figure 10.1 

Reversible and irreversible transformations.

These two concepts are grounded in an approach developed by Shannon used in most standard block ciphers in common use today. Shannon’s goal was to define cryptographic functions that would not be susceptible to statistical analysis. He therefore proposed two methods for reducing the ability of statistical cryptanalysis to find the original message, classified as diffusion and confusion.

In diffusion, the statistical structure of the plaintext is dissipated throughout the long-term statistics of the ciphertext. This is achieved by making each bit of the plaintext affect the value of many bits of the ciphertext. An example of this would be to add letters to a ciphertext such that the frequency of each letter is the same, regardless of the message. In binary block ciphers the technique uses multiple permutations and functions such that each bit of the ciphertext is affected by multiple bits in the plaintext.

Each block of plaintext is transformed into a block of ciphertext, and this depends on the key. Confusion aims to make the relationship between the ciphertext and the key as complex as possible to reduce the possibility of ascertaining the key. This requires a complex substitution algorithm, as a linear substitution would not protect the key.

Both diffusion and confusion are the cornerstones of successful block cipher design. 

The result of these requirements is the Feistel Lattice (shown in Figure 10.2). This is the basic architecture that is used in block ciphers such as DES.

The inputs to the algorithm are the plaintext (of length 2w bits) and a key K. The plaintext is split into two halves L and R, and the data is then passed through n rounds of processing and then recombined to produce the ciphertext. Each round has an input Li−1 and Ri−1 derived from the previous round and a subkey Ki, derived from the overall key K. Each round has the same structure. The left half of the data has a substitution performed. This requires a round function F to be performed on the right half of the data and then XORed with the left half. Finally a permutation is performed that requires the interchange of the two halves of the data.

The implementation of a Feistel network has the following key parameters:

• Block size A larger block size generally means greater security, but reduced speed. 64-bit block sizes are very heavily used as being a reasonable trade-off—although AES now uses 128 bits.

Feistel lattice structurepng

Figure 10.2 

Feistel lattice structure.

• Key Size The same trade-off applies as for block size. Generally 64 bits is not now considered adequate and 128 bits is preferred. 

• Number of rounds Each round adds additional security. A single round is inadequate, but 16 is considered standard. 

• Subkey generation The more complex this algorithm is, the more secure the overall system will be. 

• Round function Greater complexity again means greater resistance to cryptanalysis.


NEXT >

PRINT PAGE

  • XC2V2000-4FFG896I

    Manufacturer:Xilinx

  • FPGA Virtex-II Family 2M Gates 24192 Cells 650MHz 0.15um Technology 1.5V 896-Pin FCBGA

  • Product Categories: FPGAs (Field Programmable Gate Array)

    Lifecycle:Obsolete -

    RoHS:

  • XC4003E-3PQ100C

    Manufacturer:Xilinx

  • FPGA XC4000E Family 3K Gates 238 Cells 0.35um Technology 5V 100-Pin PQFP EP

  • Product Categories: FPGA

    Lifecycle:Obsolete -

    RoHS: No RoHS

  • XCV300-4BG352I

    Manufacturer:Xilinx

  • FPGA Virtex Family 322.97K Gates 6912 Cells 250MHz 0.22um Technology 2.5V 352-Pin Metal BGA

  • Product Categories: FPGAs (Field Programmable Gate Array)

    Lifecycle:Obsolete -

    RoHS: No RoHS

  • XC5VLX110-2FF1760I

    Manufacturer:Xilinx

  • FPGA Virtex-5 LX Family 110592 Cells 65nm Technology 1V 1760-Pin FCBGA

  • Product Categories: FPGAs (Field Programmable Gate Array)

    Lifecycle:Active Active

    RoHS: No RoHS

  • XC5VLX110-2FFG1760C

    Manufacturer:Xilinx

  • FPGA Virtex-5 LX Family 110592 Cells 65nm Technology 1V 1760-Pin FCBGA

  • Product Categories: FPGAs (Field Programmable Gate Array)

    Lifecycle:Active Active

    RoHS:

Need Help?

Support

If you have any questions about the product and related issues, Please contact us.