EPFL Logo
fr|en
Login
Concept

Lucifer (cipher)

In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. One version, alternatively named DTD-1, saw commercial use in the 1970s for electronic banking. Lucifer uses a combination of transposition and substitution crypting as a starting point in decoding ciphers. One variant, described by Feistel in 1971, uses a 48-bit key and operates on 48-bit blocks. The cipher is a substitution–permutation network and uses two 4-bit S-boxes. The key selects which S-boxes are used. The patent describes the execution of the cipher operating on 24 bits at a time, and also a sequential version operating on 8 bits at a time. Another variant by John L. Smith from the same year uses a 64-bit key operating on a 32-bit block, using one addition mod 4 and a singular 4-bit S-box. The construction is designed to operate on 4 bits per clock cycle. This may be one of the smallest block-cipher implementations known. Feistel later described a stronger variant that uses a 128-bit key and operates on 128-bit blocks. described a later Lucifer as a 16-round Feistel network, also on 128-bit blocks and 128-bit keys. This version is susceptible to differential cryptanalysis; for about half the keys, the cipher can be broken with 236 chosen plaintexts and 236 time complexity. IBM submitted the Feistel-network version of Lucifer as a candidate for the Data Encryption Standard (compare the more recent AES process). It became the DES after the National Security Agency reduced the cipher's key size to 56 bits, reduced the block size to 64 bits, and made the cipher resistant against differential cryptanalysis, which was at the time known only to IBM and the NSA. The name "Lucifer" was apparently a pun on "Demon". This was in turn a truncation of "Demonstration", the name for a privacy system Feistel was working on. The operating system used . The variant described by has 16 Feistel rounds, like DES, but no initial or final permutations.

Official source
About this result
This page is automatically generated and may contain information that is not correct, complete, up-to-date, or relevant to your search query. The same applies to every other page on this website. Please make sure to verify the information with EPFL's official sources.

Copyright © 2025 EPFL, all rights reserved

Graph Chatbot

Chat with Graph Search

Ask any question about EPFL courses, lectures, exercises, research, news, etc. or try the example questions below.

DISCLAIMER: The Graph Chatbot is not programmed to provide explicit or categorical answers to your questions. Rather, it transforms your questions into API requests that are distributed across the various IT services officially administered by EPFL. Its purpose is solely to collect and recommend relevant references to content that you can explore to help you answer your questions.