Lucifer (cipher)

In cryptography, Lucifer was the name given to several of the earliest civilian block ciphers, developed by Horst Feistel and his colleagues at IBM. Lucifer was a direct precursor to the Data Encryption Standard. One version, alternatively named DTD-1, saw commercial use in the 1970s for electronic banking.

DesignersHorst Feistel et al.
First published1971
Cipher detail
Key sizes48, 64 or 128 bits
Block sizes48, 32 or 128 bits
StructureSubstitution-permutation network, Feistel network


LUCIFER uses a combination of Transposition and Substitution crypting as a starting point in decoding ciphers. One variant, described by Feistel in 1971,[1] uses a 48-bit key and operates on 48-bit blocks. The cipher is a Substitution-permutation network and uses two 4-bit S-boxes. The key selects which S-boxes are used. The patent describes the execution of the cipher operating on 24-bits at a time, and also a sequential version operating on 8-bits at a time. Another variant by John L. Smith from the same year[2] uses a 64-bit key operating on a 32-bit block, using one addition mod 4 and a singular 4-bit S-box. The construction is designed to operate on 4 bits per clock cycle. This may be one of the smallest block-cipher implementations known. Feistel later described a stronger variant that uses a 128-bit key and operates on 128-bit blocks.[3]

Sorkin (1984) described a later Lucifer was a 16-round Feistel network, also on 128-bit blocks and 128-bit keys.[4] This version is susceptible to differential cryptanalysis; for about half the keys, the cipher can be broken with 236 chosen plaintexts and 236 time complexity.[5]

IBM submitted the Feistel-network version of Lucifer as a candidate for the Data Encryption Standard (compare the more recent AES process). It became the DES after the National Security Agency reduced the cipher's key size to 56 bits, reduced the block size to 64 bits, and made the cipher resistant against differential cryptanalysis, which was at the time known only to IBM and the NSA.

The name "Lucifer" was apparently a pun on "Demon". This was in turn a truncation of "Demonstration", the name for a privacy system Feistel was working on. The operating system used could not handle the longer name.[6]

Description of the Sorkin variant

The variant described by Sorkin (1984) has 16 Feistel rounds, like DES, but no initial or final permutations. The key and block sizes are both 128 bits. The Feistel function operates on a 64-bit half-block of data, together with a 64-bit subkey and 8 "interchange control bits" (ICBs). The ICBs control a swapping operation. The 64-bit data block is considered as a series of eight 8-bit bytes, and if the ICB corresponding to a particular byte is zero, the left and right 4-bit halves (nibbles) are swapped. If the ICB is one, the byte is left unchanged. Each byte is then operated on by two 4×4-bit S-boxes, denoted S0 and S1 — S0 operates on the left 4-bit nibble and S1 operates on the right. The resultant outputs are concatenated and then combined with the subkey using exclusive or (XOR); this is termed "key interruption". This is followed by a permutation operation in two stages; the first permutes each byte under a fixed permutation. The second stage mixes bits between the bytes.

The key-scheduling algorithm is relatively simple. Initially, the 128 key bits are loaded into a shift register. Each round, the left 64 bits of the register form the subkey, and right eight bits form the ICB bits. After each round, the register is rotated 56 bits to the left.


  1. ^ Horst Feistel. Block Cipher Cryptographic System, US Patent 3,798,359. Filed June 30, 1971. (IBM)
  2. ^ John Lynn Smith. Recirculating Block Cipher Cryptographic System, US Patent 3,796,830. Filed Nov 2, 1971. (IBM)
  3. ^ Horst Feistel, (1973). Cryptography and Computer Privacy". Scientific American, 228(5), May 1973, pp 15–23.
  4. ^ A. Sorkin, (1984). LUCIFER: a cryptographic algorithm. Cryptologia, 8(1), 22–35, 1984.
  5. ^ Ishai Ben-Aroya, Eli Biham (1996). Differential Cryptanalysis of Lucifer. Journal of Cryptology 9(1), pp. 21–34, 1996.
  6. ^ Konheim, Alan G. (2007), Computer Security and Cryptography, John Wiley & Sons, p. 283, ISBN 9780470083970.

Further reading

  • Eli Biham, Adi Shamir (1991). Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. CRYPTO 1991: pp156–171
  • Whitfield Diffie, Susan Landau (1998). Privacy on the Line: The Politics of Wiretapping and Encryption.
  • Steven Levy. (2001). Crypto: Secrecy and Privacy in the New Code War (Penguin Press Science).

External links

Aspera (company)

Aspera is a data transport and streaming technology company that provides high speed data transfer solutions to send, share, stream and sync large files and data sets. Aspera belongs to the hybrid cloud business unit of IBM.

Cambridge Scientific Center

The IBM Cambridge Scientific Center was a company research laboratory established in February 1964 in Cambridge, Massachusetts. Situated at 545 Technology Square (Tech Square), in the same building as MIT's Project MAC, it was later renamed the IBM Scientific Center. It is most notable for creating the CP-40 and the control program portions of CP/CMS, a virtual machine operating system developed for the IBM System/360-67.

Data Encryption Standard

The Data Encryption Standard (DES ) is a symmetric-key algorithm for the encryption of electronic data. Although its short key length of 56 bits, criticized from the beginning, makes it too insecure for most current applications, it was highly influential in the advancement of modern cryptography.

Developed in the early 1970s at IBM and based on an earlier design by Horst Feistel, the algorithm was submitted to the National Bureau of Standards (NBS) following the agency's invitation to propose a candidate for the protection of sensitive, unclassified electronic government data. In 1976, after consultation with the National Security Agency (NSA), the NBS eventually selected a slightly modified version (strengthened against differential cryptanalysis, but weakened against brute-force attacks), which was published as an official Federal Information Processing Standard (FIPS) for the United States in 1977.

The publication of an NSA-approved encryption standard simultaneously resulted in its quick international adoption and widespread academic scrutiny. Controversies arose out of classified design elements, a relatively short key length of the symmetric-key block cipher design, and the involvement of the NSA, nourishing suspicions about a backdoor. Today it is known that the S-boxes that had raised those suspicions were in fact designed by the NSA to actually remove a backdoor they secretly knew (differential cryptanalysis). However, the NSA also ensured that the key size was drastically reduced such that they could break it by brute force attack. The intense academic scrutiny the algorithm received over time led to the modern understanding of block ciphers and their cryptanalysis.

DES, as stated above, is insecure. This is mainly due to the 56-bit key size being too small. In January 1999, and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes (see chronology). There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are infeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. This cipher has been superseded by the Advanced Encryption Standard (AES). Furthermore, DES has been withdrawn as a standard by the National Institute of Standards and Technology.

Some documentation makes a distinction between DES as a standard and as an algorithm, referring to the algorithm as the DEA (Data Encryption Algorithm).

Feistel cipher

In cryptography, a Feistel cipher is a symmetric structure used in the construction of block ciphers, named after the German-born physicist and cryptographer Horst Feistel who did pioneering research while working for IBM (USA); it is also commonly known as a Feistel network. A large proportion of block ciphers use the scheme, including the Data Encryption Standard (DES). The Feistel structure has the advantage that encryption and decryption operations are very similar, even identical in some cases, requiring only a reversal of the key schedule. Therefore, the size of the code or circuitry required to implement such a cipher is nearly halved.

A Feistel network is an iterated cipher with an internal function called a round function.

IBM Research

IBM Research is IBM's research and development division. It is the largest industrial research organization in the world, with twelve labs on six continents.IBM employees have garnered six Nobel Prizes, six Turing Awards, 20 inductees into the U.S. National Inventors Hall of Fame, 19 National Medals of Technology, five National Medals of Science and three Kavli Prizes.As of 2018, the company has generated more patents than any other business in each of 25 consecutive years, which is a record.

IBM Research – Africa

IBM Research – Africa is one of twelve research laboratories comprising IBM Research. Located at the Catholic University of Eastern Africa in Nairobi, it opened on November 7, 2013. It is the first commercial technology research facility on the African continent conducting both applied and far-reaching exploratory research.The lab is directed by Chief Scientist Osamuyimen Stewart, who oversees a research staff of 25.

IBM Research – Australia

IBM Research – Australia is a research and development laboratory established by IBM Research in 2009 in Melbourne. It is involved in social media, interactive content, healthcare analytics and services research, multimedia analytics, and genomics. The lab is headed by Vice President and Lab Director Joanna Batstone. It was to be the company’s first laboratory combining research and development in a single organisation.The opening of the Melbourne lab in 2011 received an injection of $22 million in Australian Federal Government funding and an undisclosed amount provided by the government of the state of Victoria.

IBM Research – Brazil

IBM Research – Brazil is one of twelve research laboratories comprising IBM Research, its first in South America. It was established in June 2010, with locations in São Paulo and Rio de Janeiro. Research focuses on Industrial Technology and Science, Systems of Engagement and Insight, Social Data Analytics and Natural Resources Solutions.

The new lab, IBM's ninth at the time of opening and first in 12 years, underscores the growing importance of emerging markets and the globalization of innovation. In collaboration with Brazil's government, it will help IBM to develop technology systems around natural resource development and large-scale events such as the 2016 Summer Olympics.Engineer and associate lab director Ulisses Mello explains that IBM has four priority areas in Brazil: "The main area is related to natural resources management, involving oil and gas, mining and agricultural sectors. The second is the social data analytics segment that comprises the analysis of data generated from social networking sites [such as Twitter or Facebook], which can be applied, for example, to financial analysis. The third strategic area is nanotechnology applied to the development of the smarter devices for the intermittent production industry. This technology can be applied to, for example, blood testing or recovering oil from existing fields. And the last one is smarter cities."

IBM Research – Ireland

IBM Research – Ireland is one of IBM Research's twelve worldwide research laboratories, a first for the European Union and the only one which focuses on smarter technology for cities.

Opened in 2011 in Damastown Industrial Park, in the north-west of Dublin, Ireland, it conducts research on such critical resources as water, energy, and marine environments, as well transportation, city fabric, risk, and exascale computing.The Smarter Cities Technology Centre at IBM Research – Ireland represents an IDA Ireland - supported investment of up to EUR 66 million. As many as 200 new jobs are hoped to be created.

IBM Somers Office Complex

The IBM Somers Office Complex is a complex of five office buildings formerly owned and occupied by IBM in Somers, New York, United States. Situated on a 730-acre (3.0 km2) campus, I. M. Pei designed pyramid of glass structures house regional headquarters for the IBM corporation.Begun in 1984, the modernist 1,200,000-square-foot (110,000 m2) complex has been described as a "futuristic fortress".

Key size

In cryptography, key size or key length is the number of bits in a key used by a cryptographic algorithm (such as a cipher).

Key length defines the upper-bound on an algorithm's security (i.e., a logarithmic measure of the fastest known attack against an algorithm, relative to the key length), since the security of all algorithms can be violated by brute-force attacks. Ideally, key length would coincide with the lower-bound on an algorithm's security. Indeed, most symmetric-key algorithms are designed to have security equal to their key length. However, after design, a new attack might be discovered. For instance, Triple DES was designed to have a 168 bit key, but an attack of complexity 2112 is now known (i.e., Triple DES has 112 bits of security). Nevertheless, as long as the relation between key length and security is sufficient for a particular application, then it doesn't matter if key length and security coincide. This is important for asymmetric-key algorithms, because no such algorithm is known to satisfy this property; elliptic curve cryptography comes the closest with an effective security of roughly half its key length.

List of cryptographers

List of cryptographers.

New-collar worker

A new-collar worker is an individual who develops technical and soft skills needed to work in the contemporary technology industry through nontraditional education paths. The term was introduced by IBM CEO Ginni Rometty in late 2016 and refers to "middle-skill" occupations in technology, such as cybersecurity analysts, application developers and cloud computing specialists.

New Data Seal

In cryptography, New Data Seal (NDS) is a block cipher that was designed at IBM in 1975, based on the Lucifer algorithm that became DES.

The cipher uses a block size of 128 bits, and a very large key size of 2048 bits. Like DES it has a 16-round Feistel network structure. The round function uses two fixed 4×4-bit S-boxes, chosen to be non-affine. The key is also treated as an 8×8-bit lookup table, using the first bit of each of the 8 bytes of the half-block as input. The nth bit of the output of this table determines whether or not the two nibbles of the nth byte are swapped after S-box substitution. All rounds use the same table. Each round function ends with a fixed permutation of all 64 bits, preventing the cipher from being broken down and analyzed as a system of simpler independent subciphers.

In 1977, Edna Grossman and Bryant Tuckerman cryptanalyzed NDS using the first known slide attack. This method uses no more than 4096 chosen plaintexts; in their best trial they recovered the key with only 556 chosen plaintexts.

Product cipher

In cryptography, a product cipher combines two or more transformations in a manner intending that the resulting cipher is more secure than the individual components to make it resistant to cryptanalysis. The product cipher combines a sequence of simple transformations such as substitution (S-box), permutation (P-box), and modular arithmetic. The concept of product ciphers is due to Claude Shannon, who presented the idea in his foundational paper, Communication Theory of Secrecy Systems.

For transformation involving reasonable number of n message symbols, both of the foregoing cipher systems (the S-box and P-box) are by themselves wanting. Shannon suggested using a combination of S-box and P-box transformation—a product cipher. The combination could yield a cipher system more powerful than either one alone. This approach of alternatively applying substitution and permutation transformation has been used by IBM in the Lucifer cipher system, and has become the standard for national data encryption standards such as the Data Encryption Standard and the Advanced Encryption Standard. A product cipher that uses only substitutions and permutations is called a SP-network. Feistel ciphers are an important class of product ciphers.

The Weather Company

The Weather Company is a weather forecasting and information technology company that owns and operates and Weather Underground. The Weather Company is a subsidiary of the Watson & Cloud Platform business unit of IBM.

Truven Health Analytics

Truven Health Analytics is a IBM Watson Health Company that provides healthcare data and analytics services. It provides information, analytic tools, benchmarks, research, and services to the healthcare industry, including hospitals, government agencies, employers, health plans, clinicians, pharmaceutical, biotech and medical device companies.

Formerly the Thomson Healthcare of Thomson Corporation, on April 23, 2012, Thomson Reuters agreed to sell this business to Veritas Capital for US$1.25 billion. On June 6, 2012, the sale of the healthcare division was finalized and the new company, Truven Health Analytics, became an independent organization solely focused on healthcare. Truven is a portmanteau of the words "trusted" and "proven". IBM Corporation acquired Truven on February 18, 2016, and merged with IBM's Watson Health unit.

Business entities
Board of directors

This page is based on a Wikipedia article written by authors (here).
Text is available under the CC BY-SA 3.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.