Confusion (cryptology)

from Wikipedia, the free encyclopedia

In cryptology, confusion is one of the two central principles for obscuring the structure of the plaintext in the course of encryption or hashing. The other principle is diffusion. Both go back to the American mathematician Claude Shannon.

Purpose

As far as possible, no relationship should be discernible between plaintext and ciphertext that could be exploited for an attack. Every change in the plaintext should have an unpredictable effect on the ciphertext, and structures of the plaintext should no longer be recognizable in the ciphertext. An example of plaintext structure is the frequency of letters. If certain characters or bytes appear more frequently in the plaintext than others, none of this should be recognizable in the ciphertext.

Realization

To achieve confusion, a cryptographic method must contain non-linear operations. A mapping of the input bits to a specific output bit is considered linear if the result is calculated only by additions in the field GF(2), i.e. by XORing input bits and possibly negating the result. In other words, the result can be expressed as a polynomial of degree 1 in the input bits.

It would therefore be a mistake to calculate the ciphertext bits only by XORing plaintext and key bits. Linear cryptanalysis would easily break such a scheme.

In contrast, the addition of two data words modulo , where the number of bits in a word is not linear. This is because the carry into the next bit position is calculated by an AND operation on input bits, that is, by multiplication in GF(2).
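The difference between XOR and word addition can be checked by computing the algebraic normal form of each output bit and reading off its degree. The following Python sketch is an added example, not part of the original article; the 4-bit word size (so addition is taken modulo 16) and all function names are assumptions chosen for illustration.

```python
# Added example: algebraic degree over GF(2) of XOR versus modular addition.
N = 4                      # assumed word size, small enough to enumerate
MASK = (1 << N) - 1


def anf(truth_table):
    """Moebius transform: truth table -> ANF coefficients over GF(2).

    Coefficient m is 1 iff the monomial formed by the input bits set in m
    appears in the polynomial.
    """
    coeffs = list(truth_table)
    step = 1
    while step < len(coeffs):
        for i in range(len(coeffs)):
            if i & step:
                coeffs[i] ^= coeffs[i ^ step]
        step <<= 1
    return coeffs


def degree(truth_table):
    """Largest number of variables in any monomial of the ANF."""
    return max((bin(m).count("1")
                for m, c in enumerate(anf(truth_table)) if c), default=0)


def output_bit_degrees(op, n=N):
    """Degree of each output bit of op(x, y) in the 2n input bits."""
    mask = (1 << n) - 1
    result = []
    for bit in range(n):
        # Input v packs x in the low n bits and y in the high n bits.
        table = [(op(v & mask, v >> n) >> bit) & 1
                 for v in range(1 << (2 * n))]
        result.append(degree(table))
    return result


def xor(x, y):  return x ^ y                 # addition in GF(2), bit by bit
def xnor(x, y): return ~(x ^ y) & MASK       # XOR with negated result
def add(x, y):  return (x + y) & MASK        # addition modulo 2**N


if __name__ == "__main__":
    for name, op in (("xor", xor), ("xnor", xnor), ("add", add)):
        print(name, output_bit_degrees(op))
```

Every XOR or negated-XOR output bit has degree 1, while output bit i of the sum has degree i + 1 because each carry multiplies in further input bits.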

A cryptographic method is usually constructed as a sequence of many similarly structured rounds. Each round consists of applying a round function to the data block. If every round contains non-linear operations, then the confusion increases with each additional round, i.e. the degree of the simplest polynomial with which the mapping of the input bits to a result bit can be expressed increases with the number of rounds. With a sufficient number of rounds, enough confusion can be created to make the method cryptographically secure.

It turns out that the alternating use of addition and bitwise XOR is cryptographically more effective than addition alone. Examples of block ciphers that use only addition and XOR to generate confusion are FEAL, TEA, XTEA and Threefish. Methods constructed only from Addition, Rotation of data words and XOR, such as Threefish, are also called ARX ciphers.

Many cryptographic methods contain S-boxes as components, which create a lot of confusion, since one can largely freely choose how an a × b S-box maps the possible values of the input bits to the possible output values. S-boxes are used, for example, in the encryption methods DES, AES, Blowfish, CAST and Serpent.
