Confusion and diffusion

In cryptography, confusion and diffusion are two properties of a secure cipher identified by Claude Shannon in his 1945 classified report A Mathematical Theory of Cryptography.^[1] These properties, when present, work together to thwart the application of statistics, and other methods of cryptanalysis.

Confusion in a symmetric cipher is obscuring the local correlation between the input (plaintext), and output (ciphertext) by varying the application of the key to the data, while diffusion is hiding the plaintext statistics by spreading it over a larger area of ciphertext.^[2] Although ciphers can be confusion-only (substitution cipher, one-time pad) or diffusion-only (transposition cipher), any "reasonable" block cipher uses both confusion and diffusion.^[2] These concepts are also important in the design of cryptographic hash functions, and pseudorandom number generators, where decorrelation of the generated values is the main feature. Diffusion (and its avalanche effect) is also applicable to non-cryptographic hash functions.

^ "Information Theory and Entropy". Model Based Inference in the Life Sciences: A Primer on Evidence. Springer New York. 2008-01-01. pp. 51–82. doi:10.1007/978-0-387-74075-1_3. ISBN 9780387740737.
^ ^a ^b Stamp & Low 2007, p. 182.

[1] "Information Theory and Entropy". Model Based Inference in the Life Sciences: A Primer on Evidence. Springer New York. 2008-01-01. pp. 51–82. doi:10.1007/978-0-387-74075-1_3. ISBN 9780387740737.

[FOOTNOTEStampLow2007182-2] Stamp & Low 2007, p. 182.

[1]

[2]