New Data Seal

From Wikipedia, the free encyclopedia
New Data Seal
First published1975
Derived fromLucifer
Cipher detail
Key sizes2048 bits
Block sizes128 bits
StructureFeistel network
Best public cryptanalysis
Grossman & Tuckerman's slide attack uses at most 212 chosen plaintexts

In cryptography, New Data Seal (NDS) is a block cipher that was designed at IBM in 1975, based on the Lucifer algorithm that became DES.

The cipher uses a block size of 128 bits, and a very large key size of 2048 bits. Like DES it has a 16-round Feistel network structure. The round function uses two fixed 4×4-bit S-boxes, chosen to be non-affine. The key is also treated as an 8×8-bit lookup table, using the first bit of each of the 8 bytes of the half-block as input. The nth bit of the output of this table determines whether or not the two nibbles of the nth byte are swapped after S-box substitution. All rounds use the same table. Each round function ends with a fixed permutation of all 64 bits, preventing the cipher from being broken down and analyzed as a system of simpler independent subciphers.

In 1977, Edna Grossman and Bryant Tuckerman cryptanalyzed NDS using the first known slide attack. This method uses no more than 4096 chosen plaintexts; in their best trial they recovered the key with only 556 chosen plaintexts.


  • Henry Beker & Fred Piper (1982). Cipher Systems: The Protection of Communications. John Wiley & Sons. pp. 263–267. ISBN 0-471-89192-4.
  • D.C. Hankerson; Gary Hoffman; D.A. Leonard; Charles C. Lindner; K.T. Phelps; Christopher A. Rodger; J.R. Wall (2000). Coding Theory and Cryptography: The Essentials (2nd ed.). CRC Press. pp. 240–242. ISBN 0-8247-0465-7.