Ciphers, which are widely used for encrypting communication, are often classified as either stream ciphers or block ciphers. A stream cipher is defined as “a symmetric cipher that operates with a time-varying transformation on individual plain-text digits. By contrast, block ciphers operate with a fixed transformation on large blocks of plain-text digits” [1]. RC4 is an example of a stream cipher. Notable block ciphers include the advanced encryption standard (AES), IDEA, Blowfish, and RC5. This book is concerned with block cipher designs introduced by Lai and Massey [2], who designed the PES and IDEA ciphers. Many other block ciphers follow their design guidelines.

This 700-plus-page book comprises only five chapters and three appendices. The first chapter is introductory and brief. It describes symmetric and asymmetric ciphers, product ciphers, the origins of MESH ciphers, and so on. The second chapter talks about block ciphers that make use of the Lai-Massey design paradigm. These block ciphers include PES, IDEA, the MESH family, RIDEA, WIDEA-n, FOX/IDEA-NXT, REESSE3+, and three others.

Chapter 3 discusses various types of attacks, including brute force, dictionary, birthday paradox, time/memory tradeoff, differential cryptanalysis and its variations (such as truncated differential, multiplicative differential, and impossible-differential), slide, advanced slide, bi-clique, boomerang, linear cryptanalysis, differential-linear cryptanalysis, square/multiset, Demirci, Biryukov-Demirci, key-dependent distribution, BDK, man-in-the-middle, and related-key attacks. This chapter forms the bulk of the book and runs about 480 pages.

The fourth chapter is on new cipher designs, which have benefited from insights obtained via earlier experiences. It discusses four new experimental cipher designs. Chapter 5 concludes the book, followed by three appendices on A) monoids, groups, rings, and fields; B) differential and linear branch numbers; and C) S-boxes (substitution boxes). Each chapter ends with numerous references to the literature. The subject index is helpful. The book’s website provides extra material, including data related to the cipher MESH-128(8). Note that the many mathematical symbols, equations, figures, and tables make reading cumbersome and difficult.

This is the first thorough book on Lai-Massey cipher designs. Its focus is cryptanalysis and design. The author’s painstaking research, gathered from various sources, focuses exclusively on ciphers based on the Lai-Massey design paradigm. The book will be a very useful and indispensable resource for readers interested in understanding, designing, and deploying such ciphers.