A construction of a cipher from a single pseudorandom permutation

Shannon defined a random cipher as a collection of randomly chosen permutations, one for each value of the key.We suggest a scheme for a block cipher which uses only one randomly chosen permutation, F. The key, consisting of two blocks, K₁ and K₂ is used in the following way: The message block is XORed with K₁ before applying F, and the outcome is XORed with K₂, to produce the cryptogram block. This removes the need to store, or generate a multitude of permutations.Although the resulting cipher is not random, we claim that it is secure. First, it is shown that if F is chosen randomly then, with high probability the scheme is secure against any polynomial-time algorithmic attack. Next, it is shown that if F is chosen pseudorandomly, the system remains secure against oracle-type attacks.The scheme may lead to a system more efficient than systems such as the DES and its siblings, since the designer has to worry about one thing only: How to implement one pseudorandomly chosen permutation. This may be easier than getting one for each key.