Substitution-permutation network

Substitution permutation network ( SPN) is a design principle for block ciphers. An example of a substitution - permutation network is the Advanced Encryption Standard.

Description

A substitution - permutation network consists of a number of rounds of the same structure. In each round, a round key is added to the first input. Then the result is divided into several blocks, and each block by means of the substitution box ( S-box ) is replaced by another block. These blocks are mixed again by a Permutationsbox (P- box).

At the last round of the P- box can be omitted because it can be eliminated from any trivial from the result. Therefore, it is useful to add one more time a round key to the result, to prevent the substitutions can be easily eliminated.

Properties

An SPN design has good diffusion and confusion, because if will change a bit of the plaintext or key, several bits of the output of the S-box, which are then distributed through the P-box in different S- boxes in the next round of change. For AES -128, for example, a change in an input bits causes within two rounds of a change in each byte of the output.

Unlike Feistelchiffren substitution permutation networks in general are not by simply rearranging the key reversible, since the S-box is not self-inverse. They allow for a higher degree of parallel processing.