5.4 DESIRABLE PROPERTIES OF AN ENCRYPTION SYSTEM
An effective encryption system produces ciphertext from which it is computationally infeasible to recover the original plaintext without the key. The following properties are generally regarded as essential to strong cryptographic design:
- No structure observable in cipher text. The ciphertext should exhibit no statistical patterns that reveal information about the plaintext. Frequent symbols in the plaintext—such as the letter e in English—must not lead to detectable regularities in the ciphertext. This requirement eliminates monoalphabetic substitution ciphers and motivates the use of multiple substitution and transposition stages in modern systems. Ciphertext produced by a secure encryption scheme, when used with an appropriate mode of operation, should be computationally indistinguishable from random data under standard attack models (e.g., chosen-plaintext attack).
- Long key length. The key length determines the total number of possible keys and therefore the size of the keyspace that an attacker must search. A binary key of length n allows 2ⁿ possible values. For example, n = 8 produces 256 keys, while n = 56 (as in the original Data Encryption Standard) produces 7.2 × 1016 possible keys. In practice, modern ciphers employ key lengths of at least 128 bits to ensure long-term security against brute-force attacks, with 192- and 256-bit keys used in high-security or military contexts.
- Strong avalanche effect. A small change in either the plaintext or the key should cause a large, seemingly unpredictable change in the resulting ciphertext. This avalanche effect ensures that the relationship between plaintext, ciphertext, and key is highly nonlinear, preventing the attacker from inferring any part of the key or plaintext from limited observations. Formally, an encryption function f (p, k) has a strong avalanche effect if a single-bit change in p or k causes each bit in the ciphertext c = f (p, k) to change with probability 0.5 on average. This principle underlies the Feistel structure used in many symmetric-block ciphers, including DES and AES.
- Diffusion. Diffusion spreads the statistical influence of each plaintext bit over many ciphertext bits so that changing one plaintext bit affects numerous bits in the ciphertext. This property conceals statistical dependencies between the plaintext and ciphertext and complements the avalanche effect. Diffusion is typically achieved through repeated substitution and permutation layers that mix data across bit positions. It is less pronounced in stream ciphers, where each plaintext bit is encrypted independently using a keystream bit, but is fundamental to the design of block ciphers.
Achieving both strong diffusion and a pronounced avalanche effect often increases algorithmic complexity, conflicting with the design goals of speed and simplicity. Designers must therefore balance implementation efficiency with the desired level of security. Stream ciphers typically sacrifice diffusion for simplicity and performance, whereas block ciphers emphasize diffusion and nonlinearity to resist both statistical and differential attacks.
Back to reading