# [Cryptography] Random permutation model for encryption as a teaching tool?

Stephan Neuhaus stephan.neuhaus at zhaw.ch
Tue Oct 16 02:29:13 EDT 2018

```Dear list,

thanks for the many responses here. I need to emphasise though that the
students will not be asked to analyse or construct block ciphers, so the
inner workings of a cipher are wholly immaterial.  Some responses have
been along the lines of "if you explained *this* particular way that
ciphers are constructed, they'd have a better understanding of *that*
property". These may be true, but they are not what I've been looking
for. I've rather been looking for a mental black-box model of how
ciphers work. I probably should have explained that better.

From the responses, here is what I got so far:

* Use "pseudorandom functions" a la Lindell & Katz instead (in
"Introduction to Modern Cryptography") (Thanks, Jon)
* Don't talk about permutations that aren't good for block ciphers -- if
they're random (or well-chosen pseudorandom), they'll be good for crypto
* A topical Dilbert cartoon
https://me.me/i/tour-of-accounting-over-here-we-have-our-random-number-11012093
(thanks Peter)
* Don't talk about "permutations of b-bit blocks" because it will make
the students think that the bits in the block will be shuffled around.
(thanks, John)
* A crypto *system* (as opposed to just a cipher) should use a different
permutation for each block in the message, cf. IVs, chaining modes
(thanks, John).
* Finding a good heuristic for the selection of 2^n permutations out of
the (2^b)! possible ones is precisely the problem statement for a "good"
block cipher (thanks, Thierry)

Very useful comments, thank you all very much!

Fun,

Stephan
```