Product cipher

From Wikipedia, the free encyclopedia

In cryptography, a product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components to make it resistant to cryptanalysis.[1] The product cipher combines a sequence of simple transformations such as substitution (S-box), permutation (P-box), and modular arithmetic. The concept of product ciphers is due to Claude Shannon, who presented the idea in his foundational paper, Communication Theory of Secrecy Systems. A particular product cipher design where all the constituting transformation functions have the same structure is called an iterative cipher with the term "rounds" applied to the functions themselves.[2]

For transformation involving reasonable number of n message symbols, both of the foregoing cipher systems (the S-box and P-box) are by themselves wanting. Shannon suggested using a combination of S-box and P-box transformation—a product cipher. The combination could yield a cipher system more powerful than either one alone. This approach of alternatively applying substitution and permutation transformation has been used by IBM in the Lucifer cipher system, and has become the standard for national data encryption standards such as the Data Encryption Standard and the Advanced Encryption Standard. A product cipher that uses only substitutions and permutations is called a SP-network. Feistel ciphers are an important class of product ciphers.


  1. ^ Handbook of Applied Cryptography by Alfred J. Menezes, Paul C. van Oorschot, Scott A. Vanstone. Fifth Printing (August 2001) page 251.
  2. ^ Biryukov 2005.


  • Biryukov, Alex (2005). "Product Cipher, Superencryption". Encyclopedia of Cryptography and Security. Springer US. pp. 480–481. doi:10.1007/0-387-23483-7_320. ISBN 978-0-387-23473-1.

External links[edit]