A method for constructing keyed integer permutations over the set Z.sub.N. where N can be factored into p and q, or N can be prime. N bits are permuted by deriving a keyed permutation of representative indices. When N is factorable into p and q, the set of indices are divided into two portions. The portions undergo iterative processing called "rounds," and in each round, a first half-round function operates on the first portion to form a first half-round value; the first half-round value and the second portion are added together by a modulo-p adder to form a first output value; a second half-round function operates on the second portion to form a second half-round value; and the second half-round value and the first portion are added together by a modulo-q adder to form a second output value. In this manner, outputs of the rounds are reordered.If N is prime and not less than 13, then N is separated into composite values s and t, and two sets are formed with s and t elements, respectively. Each set is then permuted using the method for when N is not prime. At the end of each round, the two blocks are combined using a mixing operation.