Conductor A material in which electron flow occurs easily. Typically a metal; usually copper, sometimes silver, brass or even aluminum. A wire. As opposed to an insulator. Confusion Those parts of a cipher mechanism which change the correspondence between input values and output values. In contrast to diffusion. Confusion Sequence The sequence combined with data in a stream cipher. Normally produced by a random number generator, it is also called a "running key." Contextual In the study of logic, an observed fact dependent upon other facts not being observed. Or a statement which is conditionally true, provided other unmentioned conditions have the appropriate state. As opposed to absolute. Conventional Cipher A secret key cipher. Congruence Casually speaking, the remainder after a division of integers. In number theory we say than integer a (exactly) divides integer b (denoted a | b) if and only if there is an integer k such that ak = b. In number theory we say that integer a is congruent to integer b modulo m, denoted a = b (mod m), if and only if m | (a - b). Here m is the divisor or modulus. Convolution Polynomial multiplication. A multiplication of each term against each other term, with no "carries" from term to term. Also see correlation. Used in the analysis of signal processing to develop the response of a processing system to a complicated real-valued input signal. The input signal is first separated into some number of discrete impulses. Then the system response to an impulse the output level at each unit time delay after the impulse is determined. Finally, the expected response is computed as the sum of the contributions from each input impulse, multiplied by the magnitude of each impulse. This is an approximation to the convolution integral with an infinite number of infinitesimal delays. Although originally accomplished graphically, the process is just polynomial multiplication. It is apparently possible to compute the convolution of two sequences by taking the FFT of each, multiplying these results term-by-term, then taking the inverse FFT. While there is an analogous relationship in the FWT, in this case the "delays" between the sequences represent mod 2 distance differences, which may or may not be useful. Correlation In general, the probability that two sequences of symbols will, in any position, have the same symbol. We expect two random binary sequences to have the same symbols about half the time. One way to evaluate the correlation of two real-valued sequences is to multiply them together term-by-term and sum all results. If we do this for all possible "delays" between the two sequences, we get a "vector" or 1- dimensional array of correlations which is a convolution. Then the maximum value represents the delay with the best correlation. Correlation Coefficient The value from -1 to +1 describing the correlation of two binary sequences, averaged over the length of interest. Correlation coefficient values are related to the probability that, given a symbol from one sequence, the other sequence will have that same symbol. A value of:  -1 implies a 0.0 probability (the second sequence is the complement of the first),  0 implies a 0.5 probability (the sequences are uncorrelated), and  +1 implies a 1.0 probability (the sequences are the same). "The correlation coefficient associated with a pair of Boolean functions f(a) and g(a) is denoted by C(f,g) and is given by C(f,g) = 2 * prob(f(a) = g(a)) - 1 ." Daemen, J., R. Govaerts and J. Vanderwalle. 1994. Correlation Matrices. Fast Software Encryption. 276. Springer-Verlag. CRC Cyclic Redundancy Check: A fast error-check hash based on mod 2 polynomial operations. A CRC is essentially a fast remainder operation over a huge numeric value which is the data. (For best speed, the actual computation occurs as mod 2 polynomial operations.) The CRC result is an excellent (but linear) hash value corresponding to the data. No CRC has any appreciable strength, but some applications even in cryptography need no strength:  One example is authentication, provided the linear CRC hash result is protected by a block cipher.  Another example is key processing, where the uncertainty in a User Key phrase of arbitrary size is collected into a hash result of fixed size. In general, the hash result would be just as good for The Opponent as the original key phrase, so no strength shield could possibly improve the situation.  A third example is the accumulation of the uncertainty in slightly uncertain physically random events. When true randomness is accumulated, it is already as unknowable as any strength shield could make it. Cryptanalysis That aspect of cryptology which concerns the strength analysis of a cryptographic system, and the penetration or breaking of a cryptographic system. Also "codebreaking." Because there is no theory which guarantees strength for any conventional cipher, ciphers traditionally have been considered "strong" when they have been used for a long time with "nobody" knowing how to break them easily. Cryptanalysis seeks to improve this process by applying the known attack strategies to new ciphers, and by actively seeking new ones. It is normal to assume that at least known-plaintext is available; often, defined-plaintext is assumed. The result is typically some value for the amount of "work" which will achieve a "break" (even if that value is impractical); this is "the" strength of the cipher. But while cryptanalysis can prove "weakness" for a given level of effort, cryptanalysis cannot prove that there is no simpler attack: Lack of proof of weakness is not proof of strength. Indeed, when ciphers are used for real, The Opponents can hardly be expected to advertise a successful break, but will instead work hard to reassure users that their ciphers are still secure. The fact that apparently "nobody" knows how to break a cipher is somewhat less reassuring from this viewpoint. In this context, using a wide variety of different ciphers can make good sense: This reduces the value of the information protected by any particular cipher, which thus reduces the rewards from even a successful attack. Having a numerous ciphers also requires The Opponents to field far greater resources to identify, analyze, and automate breaking (when possible) of each different cipher. Many academic attacks are essentially theoretical, involving huge amounts of data and computation. But even when a direct technical attack is practical, that may be the most difficult, expensive and time-consuming way to obtain the desired information. Other methods include making a paper copy, stealing a copy, bribery, coercion, and electromagnetic monitoring. No cipher can keep secret something which has been otherwise revealed. Information security thus involves far more than just cryptography, and even a cryptographic system is more than just a cipher. Even finding that information has been revealed does not mean that a cipher has been broken. At one time it was reasonable to say: "Any cipher a man can make, another man can break." However, with the advent of serious computer-based cryptography, that statement is no longer valid, provided that every detail is properly handled. This, of course, often turns out to not be the case. Cryptanalyst Someone who attacks ciphers with cryptanalysis. A "codebreaker." Often called the Opponent by cryptographers, in recognition of the (serious) game of thrust and parry between these parties. Cryptographer Someone who creates ciphers using cryptography. Cryptographic Mechanism A process for enciphering and/or deciphering, or an implementation (for example, hardware, computer software, hybrid, or the like) for performing that process. See also cryptography and mechanism. Cryptography Greek for "hidden writing." The art and science of transforming information into an intermediate form which secures that information while in storage or in transit. A part of cryptology, further divided into secret codes and ciphers. As opposed to steganography, which seeks to hide the existence of any message, cryptography seeks to render a message unintelligible even when the message is completely exposed. Cryptography includes at least:  secrecy (confidentiality, or privacy, or information security) and  message authentication (integrity). Cryptography may also include:  nonrepudiation (the inability to deny sending a message),  access control (user or source authentication), and  availability (keeping security services available). Modern cryptography generally depends upon translating a message into one of an astronomical number of different intermediate representations, or ciphertexts, as selected by a key. If all possible intermediate representations have similar appearance, it may be necessary to try all possible keys to find the one which deciphers the message. By creating mechanisms with an astronomical number of keys, we can make this approach impractical. Cryptography may also be seen as a zero-sum game, where a cryptographer competes against a cryptanalyst. We might call this the cryptography war. Cryptography War Cryptography may be seen as a dynamic battle between cryptographer and cryptanalyst. The cryptographer tries to produce a cipher which can retain secrecy. Then, when it becomes worthwhile, one or more cryptanalysts try to penetrate that secrecy by attacking the cipher. Fortunately for the war, even after fifty years of mathematical cryptology, not one practical cipher has been accepted as proven secure in practice. (See, for example, the one-time pad.) Note that the successful cryptanalyst must keep good attacks secret, or the opposing cryptographer will just produce a stronger cipher. This means that the cryptographer is in the odd position of never knowing whether his or her best cipher designs are successful, or which side is winning. Cryptographers are often scientists who are trained to ignore unsubstantiated claims. But there will be no substantiation when a cipher system is attacked . sometimes silver, brass or even aluminum. A wire. As opposed to an insulator. Confusion Those parts of a cipher mechanism which change the correspondence between input values and output values different ciphers can make good sense: This reduces the value of the information protected by any particular cipher, which thus reduces the rewards from even a successful attack. Having a numerous. Opponent by cryptographers, in recognition of the (serious) game of thrust and parry between these parties. Cryptographer Someone who creates ciphers using cryptography. Cryptographic Mechanism