
Product Ciphers

A product cipher is a block cipher that iterates several weak operations such as substitution, transposition, modular addition/multiplication, and linear transformation. (A "block cipher" just means a cipher that encrypts a block of data, 8 bytes say, all at once, then goes on to the next block.) The notion of product ciphers is due to Shannon.

Nobody knows how to prove mathematically that a product cipher is completely secure. So in practice one begins by demonstrating that the cipher "looks highly random". For example, the cipher must be nonlinear, and it must produce ciphertext which functionally depends on every bit of the plaintext and the key. It was shown that at least 5 iterations of DES are required to guarantee such a dependence. In this sense a product cipher should act as a "mixing" function which combines the plaintext, key, and ciphertext in a complex nonlinear fashion.

The fixed per-round substitutions of the product cipher are referred to as S-boxes. For example, LUCIFER has 2 S-boxes, and DES has 8 S-boxes. The nonlinearity of a product cipher reduces to a careful design of these S-boxes.
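The dependence requirement described above can be measured directly on a small cipher. The following is an added example, not part of the original text: a toy 16-bit product cipher (key XOR, 4-bit S-box, bit transposition) whose S-box table, round keys and structure are constructed for illustration. It counts how many (plaintext bit, ciphertext bit) dependencies exist after each number of rounds; key-bit dependence is not measured.

```python
# Toy 16-bit product cipher, constructed for illustration only (not a real cipher).
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8,
        0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]   # fixed 4-bit substitution
ROUND_KEYS = [0x3A94, 0xD63F, 0x1C5B, 0x7E02]      # constructed sample round keys

def substitute(state):
    """Apply the S-box to each of the four 4-bit nibbles of the state."""
    return sum(SBOX[(state >> (4 * k)) & 0xF] << (4 * k) for k in range(4))

def transpose(state):
    """Transposition step: bit b of nibble a moves to bit a of nibble b."""
    out = 0
    for a in range(4):
        for b in range(4):
            out |= ((state >> (4 * a + b)) & 1) << (4 * b + a)
    return out

def encrypt(block, rounds):
    """Iterate the weak operations: key addition, substitution, transposition."""
    for r in range(rounds):
        block = transpose(substitute(block ^ ROUND_KEYS[r]))
    return block

def dependence_count(rounds):
    """Count (input bit, output bit) pairs where flipping the input bit
    changes the output bit for at least one plaintext. 256 means complete."""
    table = [encrypt(x, rounds) for x in range(1 << 16)]  # exhaustive
    total = 0
    for i in range(16):
        reach = 0
        for x in range(1 << 16):
            reach |= table[x] ^ table[x ^ (1 << i)]
        total += bin(reach).count("1")
    return total

def rounds_until_complete(max_rounds=len(ROUND_KEYS)):
    """Smallest round count at which every output bit depends on every input bit."""
    for r in range(1, max_rounds + 1):
        if dependence_count(r) == 256:
            return r
    return None

if __name__ == "__main__":
    for r in range(len(ROUND_KEYS)):
        print(r, "rounds:", dependence_count(r), "of 256 dependencies")
```

One round leaves each plaintext bit influencing only the four output bits of its own S-box; the transposition then feeds those bits into all four S-boxes, so this toy design reaches full dependence at two rounds. The figure is specific to this construction and says nothing about the round count needed for DES.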





Adrian Perrig
Fri May 31 09:07:38 MET DST 1996