Hacker Professional Ebook part 162

Conductor
A material in which electron flow occurs easily. Typically a metal; usually
copper, sometimes silver, brass or even aluminum. A wire. As opposed to an
insulator.
Confusion
Those parts of a cipher mechanism which change the correspondence
between input values and output values. In contrast to diffusion.
Confusion Sequence
The sequence combined with data in a stream cipher. Normally produced by
a random number generator, it is also called a "running key."
Contextual
In the study of logic, an observed fact dependent upon other facts not being
observed. Or a statement which is conditionally true, provided other
unmentioned conditions have the appropriate state. As opposed to absolute.
Conventional Cipher
A secret key cipher.
Congruence
Casually speaking, the remainder after a division of integers.
In number theory we say that integer a (exactly) divides integer b (denoted a
| b) if and only if there is an integer k such that ak = b.
In number theory we say that integer a is congruent to integer b modulo m,
denoted a = b (mod m), if and only if m | (a - b). Here m is the divisor or
modulus.
Convolution
Polynomial multiplication. A multiplication of each term against each other
term, with no "carries" from term to term. Also see correlation.
Used in the analysis of signal processing to develop the response of a
processing system to a complicated real-valued input signal. The input signal
is first separated into some number of discrete impulses. Then the system
response to an impulse (the output level at each unit time delay after the
impulse) is determined. Finally, the expected response is computed as the
sum of the contributions from each input impulse, multiplied by the
magnitude of each impulse. This is an approximation to the convolution
integral with an infinite number of infinitesimal delays. Although originally
accomplished graphically, the process is just polynomial multiplication.
It is apparently possible to compute the convolution of two sequences by
taking the FFT of each, multiplying these results term-by-term, then taking
the inverse FFT. While there is an analogous relationship in the FWT, in this
case the "delays" between the sequences represent mod 2 distance
differences, which may or may not be useful.
Correlation
In general, the probability that two sequences of symbols will, in any
position, have the same symbol. We expect two random binary sequences to
have the same symbols about half the time.
One way to evaluate the correlation of two real-valued sequences is to
multiply them together term-by-term and sum all results. If we do this for all
possible "delays" between the two sequences, we get a "vector" or
1-dimensional array of correlations which is a convolution. Then the
maximum value represents the delay with the best correlation.
Correlation Coefficient
The value from -1 to +1 describing the correlation of two binary sequences,
averaged over the length of interest. Correlation coefficient values are
related to the probability that, given a symbol from one sequence, the other
sequence will have that same symbol. A value of:
• -1 implies a 0.0 probability (the second sequence is the complement of
the first),
• 0 implies a 0.5 probability (the sequences are uncorrelated), and
• +1 implies a 1.0 probability (the sequences are the same).
"The correlation coefficient associated with a pair of Boolean functions f(a)
and g(a) is denoted by C(f,g) and is given by
C(f,g) = 2 * prob(f(a) = g(a)) - 1 ."

Daemen, J., R. Govaerts and J. Vanderwalle. 1994. Correlation Matrices.
Fast Software Encryption. 276. Springer-Verlag.
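The Convolution, Correlation and Correlation Coefficient entries above, worked through in one added example (not part of the original glossary). The sequences are constructed and the helper names are hypothetical.

```python
# Added example: sequences are constructed; helper names are hypothetical.

def convolve(a, b):
    """Polynomial multiplication: each term against each other term, no carries."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] += x * y
    return out

def correlations(a, b):
    """Sum of term-by-term products for every delay between a and b.

    Correlating is convolving with one sequence reversed. Entry k of the
    result belongs to delay k - (len(b) - 1), where delay d pairs a[i]
    with b[i - d].
    """
    return convolve(a, b[::-1])

def to_signed(bits):
    """Map bit 0 -> +1 and bit 1 -> -1 so equal symbols multiply to +1."""
    return [1 - 2 * bit for bit in bits]

def coefficient(x_bits, y_bits):
    """C = 2 * prob(x[i] == y[i]) - 1 over two equal-length bit sequences."""
    same = sum(1 for p, q in zip(x_bits, y_bits) if p == q)
    return 2 * same / len(x_bits) - 1

def best_delay(a_bits, b_bits):
    """Return (delay, correlation) for the delay with the largest correlation."""
    corr = correlations(to_signed(a_bits), to_signed(b_bits))
    k = max(range(len(corr)), key=corr.__getitem__)
    return k - (len(b_bits) - 1), corr[k]

PATTERN = [1, 0, 1, 1, 0, 0, 1, 0]      # constructed 8-bit sequence
RECEIVED = [0, 0, 0] + PATTERN          # the same pattern, three positions late

if __name__ == "__main__":
    print(convolve([1, 2, 3], [4, 5]))   # (1 + 2x + 3x^2)(4 + 5x)
    print(best_delay(RECEIVED, PATTERN))
    window = RECEIVED[:8]
    signed = sum(p * q for p, q in zip(to_signed(window), to_signed(PATTERN)))
    print(signed / 8, coefficient(window, PATTERN))
```

With bits mapped to +1 and -1, the summed products divided by the length equal the correlation coefficient, which is why the last line prints the same value twice.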
CRC
Cyclic Redundancy Check: A fast error-check hash based on mod 2
polynomial operations.
A CRC is essentially a fast remainder operation over a huge numeric value
which is the data. (For best speed, the actual computation occurs as mod 2
polynomial operations.) The CRC result is an excellent (but linear) hash
value corresponding to the data.
No CRC has any appreciable strength, but some applications, even in
cryptography, need no strength:
• One example is authentication, provided the linear CRC hash result is
protected by a block cipher.
• Another example is key processing, where the uncertainty in a User
Key phrase of arbitrary size is collected into a hash result of fixed
size. In general, the hash result would be just as good for The
Opponent as the original key phrase, so no strength shield could
possibly improve the situation.
• A third example is the accumulation of the uncertainty in slightly
uncertain physically random events. When true randomness is
accumulated, it is already as unknowable as any strength shield could
make it.
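What "linear" means for the CRC entry above, as an added example that is not part of the original glossary: CRC-32 computed as a mod 2 polynomial remainder, checked against Python's standard zlib.crc32, and the XOR relation that lets the CRC of a changed message be computed from the old CRC alone. The message, the change mask and the helper names are constructed for illustration.

```python
# Added example: MESSAGE and DELTA are constructed; helper names are hypothetical.
import zlib

POLY = 0xEDB88320  # CRC-32 polynomial in reflected form, as used by zlib

def crc32_mod2(data: bytes) -> int:
    """CRC-32 one bit at a time: a remainder under mod 2 polynomial division."""
    reg = 0xFFFFFFFF
    for byte in data:
        reg ^= byte
        for _ in range(8):
            # Shift out one bit; "subtract" (XOR) the polynomial if it was set.
            reg = (reg >> 1) ^ (POLY if reg & 1 else 0)
    return reg ^ 0xFFFFFFFF

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))

def crc_after_change(old_crc: int, delta: bytes) -> int:
    """CRC of (message XOR delta), computed without seeing the message.

    For equal lengths, crc(m ^ d) == crc(m) ^ crc(d) ^ crc(all zeros).
    """
    return old_crc ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))

MESSAGE = b"constructed sample record 0001"
# Change mask of the same length with two single-bit differences.
DELTA = bytes(0x01 if i in (3, 17) else 0 for i in range(len(MESSAGE)))

if __name__ == "__main__":
    old = zlib.crc32(MESSAGE)
    changed = xor_bytes(MESSAGE, DELTA)
    print(hex(crc32_mod2(MESSAGE)), hex(old))
    print(crc_after_change(old, DELTA) == zlib.crc32(changed))
```

Because the new CRC follows from the old one without any secret, a bare CRC detects accidental errors only, which is why the authentication case above requires the hash result to be protected by a block cipher.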
Cryptanalysis
That aspect of cryptology which concerns the strength analysis of a
cryptographic system, and the penetration or breaking of a cryptographic
system. Also "codebreaking."
Because there is no theory which guarantees strength for any conventional
cipher, ciphers traditionally have been considered "strong" when they have
been used for a long time with "nobody" knowing how to break them easily.
Cryptanalysis seeks to improve this process by applying the known attack
strategies to new ciphers, and by actively seeking new ones. It is normal to
assume that at least known-plaintext is available; often, defined-plaintext is
assumed. The result is typically some value for the amount of "work" which
will achieve a "break" (even if that value is impractical); this is "the"
strength of the cipher.
But while cryptanalysis can prove "weakness" for a given level of effort,
cryptanalysis cannot prove that there is no simpler attack:
Lack of proof of weakness is not proof of strength.
Indeed, when ciphers are used for real, The Opponents can hardly be
expected to advertise a successful break, but will instead work hard to
reassure users that their ciphers are still secure. The fact that apparently
"nobody" knows how to break a cipher is somewhat less reassuring from this
viewpoint. In this context, using a wide variety of different ciphers can make
good sense: This reduces the value of the information protected by any
particular cipher, which thus reduces the rewards from even a successful
attack. Having numerous ciphers also requires The Opponents to field far
greater resources to identify, analyze, and automate breaking (when
possible) of each different cipher.
Many academic attacks are essentially theoretical, involving huge amounts
of data and computation. But even when a direct technical attack is
practical, that may be the most difficult, expensive and time-consuming way
to obtain the desired information. Other methods include making a paper
copy, stealing a copy, bribery, coercion, and electromagnetic monitoring. No
cipher can keep secret something which has been otherwise revealed.
Information security thus involves far more than just cryptography, and even
a cryptographic system is more than just a cipher. Even finding that
information has been revealed does not mean that a cipher has been broken.
At one time it was reasonable to say: "Any cipher a man can make, another
man can break." However, with the advent of serious computer-based
cryptography, that statement is no longer valid, provided that every detail is
properly handled. This, of course, often turns out to not be the case.
Cryptanalyst
Someone who attacks ciphers with cryptanalysis. A "codebreaker." Often
called the Opponent by cryptographers, in recognition of the (serious) game
of thrust and parry between these parties.
Cryptographer
Someone who creates ciphers using cryptography.
Cryptographic Mechanism
A process for enciphering and/or deciphering, or an implementation (for
example, hardware, computer software, hybrid, or the like) for performing
that process. See also cryptography and mechanism.
Cryptography
Greek for "hidden writing." The art and science of transforming information
into an intermediate form which secures that information while in storage or
in transit. A part of cryptology, further divided into secret codes and ciphers.
As opposed to steganography, which seeks to hide the existence of any
message, cryptography seeks to render a message unintelligible even when
the message is completely exposed.
Cryptography includes at least:
• secrecy (confidentiality, or privacy, or information security) and
• message authentication (integrity).
Cryptography may also include:
• nonrepudiation (the inability to deny sending a message),
• access control (user or source authentication), and
• availability (keeping security services available).
Modern cryptography generally depends upon translating a message into one
of an astronomical number of different intermediate representations, or
ciphertexts, as selected by a key. If all possible intermediate representations
have similar appearance, it may be necessary to try all possible keys to find
the one which deciphers the message. By creating mechanisms with an
astronomical number of keys, we can make this approach impractical.
Cryptography may also be seen as a zero-sum game, where a cryptographer
competes against a cryptanalyst. We might call this the cryptography war.
Cryptography War
Cryptography may be seen as a dynamic battle between cryptographer and
cryptanalyst. The cryptographer tries to produce a cipher which can retain
secrecy. Then, when it becomes worthwhile, one or more cryptanalysts try to
penetrate that secrecy by attacking the cipher. Fortunately for the war, even
after fifty years of mathematical cryptology, not one practical cipher has
been accepted as proven secure in practice. (See, for example, the one-time
pad.)
Note that the successful cryptanalyst must keep good attacks secret, or the
opposing cryptographer will just produce a stronger cipher. This means that
the cryptographer is in the odd position of never knowing whether his or her
best cipher designs are successful, or which side is winning.
Cryptographers are often scientists who are trained to ignore unsubstantiated
claims. But there will be no substantiation when a cipher system is attacked
