Confusion and Diffusion

 

    The terms confusion and diffusion were introduced by Claude Shannon to capture the two basic building blocks for any cryptographic system. Shannon's concern was to thwart cryptanalysis based on statistical analysis. He suggests two methods for frustrating statistical cryptanalysis: diffusion and confusion.
  1. Diffusion
    Diffusion means that if any character of the plaintext is changed, then several characters of the ciphertext should change at the same time. Similarly, if a character of the ciphertext is changed, then several characters of the plaintext should change. Classically, it corresponds to a transposition cipher.
    An example of diffusion is to encrypt a message $M = m_1, m_2, m_3, \ldots$ of characters with an averaging operation:
    $y_n = \sum_{i=1}^{k} m_{n+i}$
    that is, adding k successive letters to get each ciphertext letter $y_n$.
    "Diffusion" = Transposition or Permutation
    For example, the Hill cipher has the characteristic of diffusion.

  2. Confusion
    1. Confusion seeks to make the relationship between the statistics of the ciphertext and the value of the encryption key as complex as possible, again to thwart attempts to discover the key.
    2. Thus, even if the attacker can get some handle on the statistics of the ciphertext, the way in which the key was used to produce that ciphertext is so complex that it is difficult to deduce the key. This is achieved by use of a complex substitution algorithm.
    3. For example, suppose we have a Hill cipher with an $n \times n$ matrix, and suppose we have a plaintext-ciphertext pair of length $n^2$ with which we are able to solve for the encryption matrix. If we change one character of the ciphertext, one column of the matrix can change completely. Of course, it would be more desirable to have the entire key change. If that happened, the cryptanalyst would probably need to solve for the entire key simultaneously, rather than piece by piece.
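The diffusion property described above can be measured directly by changing one plaintext letter and counting how many ciphertext letters change. The following is an added example, not code from the original page; it compares a simple shift cipher (no diffusion), the averaging operation and a Hill cipher. The restriction to A-Z, the reduction mod 26, the wrap-around indexing, the sample key and the sample messages are assumptions made for the illustration.

```python
# Added example: measures diffusion as "how many ciphertext letters change
# when one plaintext letter changes". Assumptions (not from the page):
# A-Z only, reduction mod 26, wrap-around indices, and the sample key below.
A = ord("A")

def to_nums(text):
    return [ord(c) - A for c in text]

def to_text(nums):
    return "".join(chr(n % 26 + A) for n in nums)

def shift(msg, s):
    """Monoalphabetic shift: each ciphertext letter depends on one plaintext letter."""
    return to_text(m + s for m in to_nums(msg))

def averaging(msg, k):
    """y_n = (m_{n+1} + ... + m_{n+k}) mod 26, indices wrapping around."""
    m = to_nums(msg)
    size = len(m)
    return to_text(sum(m[(n + i) % size] for i in range(1, k + 1))
                   for n in range(size))

def hill_encrypt(msg, key):
    """Hill cipher: each block of n letters, as a row vector, times the key mod 26."""
    n, m = len(key), to_nums(msg)
    if len(m) % n:
        raise ValueError("message length must be a multiple of the block size")
    out = []
    for b in range(0, len(m), n):
        block = m[b:b + n]
        out += [sum(block[r] * key[r][c] for r in range(n)) % 26 for c in range(n)]
    return to_text(out)

def changed_positions(a, b):
    """Indices at which two equal-length strings differ."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

KEY = [[17, 17, 5], [21, 18, 21], [2, 2, 19]]  # sample 3x3 key, invertible mod 26
P1, P2 = "PAYMOREMONEY", "PAYMOSEMONEY"        # constructed pair, differ at index 5

if __name__ == "__main__":
    for name, enc in [("shift", lambda p: shift(p, 3)),
                      ("averaging k=3", lambda p: averaging(p, 3)),
                      ("hill 3x3", lambda p: hill_encrypt(p, KEY))]:
        c1, c2 = enc(P1), enc(P2)
        print(f"{name:14} {c1} {c2} changed at {changed_positions(c1, c2)}")
```

With the shift cipher the change stays in one position, with the averaging operation it spreads to k positions, and with the Hill cipher it spreads across the whole n-letter block but no further.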