Talk:Cryptanalysis

From Wikipedia, the free encyclopedia

WikiProject on Cryptography This article is part of WikiProject Cryptography, an attempt to build a comprehensive and detailed guide to cryptography in the Wikipedia. If you would like to participate, you can choose to edit the article attached to this page, or visit the project page, where you can join the project and see a list of open tasks.
WikiReader Cryptography It is intended that this article be included in WikiReader Cryptography, a WikiReader on the topic of cryptography. Help and comments for improving this article would be especially welcome. A tool for coordinating the editing and review of these articles is the daily article box.

Article needs work

This article seems a bit incoherent. What's this "two-key" stuff? You mean public key / asymmetric cryptography, or what? And "one-key" means what? Symmetric cryptography?

Also, chosen ciphertext and chosen plaintext attacks are different for symmetric crypto. For symmetric crypto, attacks are: ciphertext-only, known-plaintext, chosen-plaintext and chosen-ciphertext (in order of increasing strength.) For asymmetric, the three main attacks are: known-plaintext, chosen-ciphertext and adaptive chosen-ciphertext.

This page needs to be rewritten by someone who knows what they are talking about (I know enough to know this page is awful, but I'll leave fixing it to those more knowledgeable than I...) -- SJK

What to do about cryptanalysis assumptions?

There are some short stub-esque pages on the various types of cryptanalysis attacks: known-plaintext attack, chosen plaintext attack, ciphertext-only attack, chosen ciphertext attack, adaptive chosen ciphertext attack. They are all quite short and similar, and it's unlikely they'll ever expand into longer articles. Some options:

  1. Keep the short pages. If this was the case, you'd want to add things like "adaptive chosen plaintext attack" and "related-key attack" and (believe it or not) "related-cipher attack".
  2. Merge them all into a Scenarios for cryptanalysis article.
  3. Merge them all into cryptanalysis.

I'd favour doing 2., seeing how long the article is, and then deciding whether to do 3.

Matt 02:59, 13 Mar 2004 (UTC)

Matt, I think keeping (and adding to) the stubesque pages makes some sense, when combined with 2. The problem is that no _real_ sense of the operation of cryptanalytic technique can be anything less than detailed -- probably far too detailed for a WP article, even a technical one. But any attempt to do so, which I would nevertheless encourage (it might be possible for one or another technique), should be kept quarantined. More or less the way the mathematics or physics people have done in some cases.

Nevertheless, an overview of cryptanalysis (how to think about it, how to consider choosing an attack technique, what information is needed to decide, ...) would be useful. Both to the somewhat curious reader (more ambitious than the average) and to the serious reader. It's hard to keep the abstraction levels straight when thinking about crypto generally and about cryptanalysis in particular, so whatever illumination is possible would be well, even for the serious reader.

Comments?

ww 16:09, 15 Mar 2004 (UTC)

The modern treatment of this stuff is in terms of the random oracle model. There should definitely be an article explaining terms like IND-CPA and IND-CCA security (CPA=chosen plaintext attack, CCA=chosen ciphertext attack, etc). But it shouldn't be in the main cryptanalysis article. I've been wanting for a while to write something on those topics but I'm too busy right now. Rogaway and Bellare have an excellent downloadable textbook that I'll try to add a link to. Phr 08:41, 16 February 2006 (UTC)

Shannon link

Can somebody check the link on "Shannon Information" (the Shannon part)? It used to point to a disambiguation page. I've changed it to what I think is the right person, but I'm not completely sure... Ealex292 02:12, 10 Apr 2005 (UTC)

I've never heard the term "Shannon Information" before, but from context it just means the cryptanalyst has gained information that lowers the effective Shannon entropy of the (unknown) plaintext. For example, suppose you have a ciphertext and you know that the plaintext was written in either English or French, but you don't know which, and you consider both equally likely. If you have a statistical method that doesn't yield any plaintext, but can determine from the ciphertext that the plaintext is 65% likely to be English, that would be an information deduction attack. In general, perfect security means that for a given ciphertext, all plaintexts are equally likely. Any algorithm that discloses that some plaintexts are more likely than others is an attack. Phr 08:38, 16 February 2006 (UTC)
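The information deduction described in the comment above, worked through as an added example that is not part of the original discussion. It assumes a constructed model: a one-bit plaintext (0 = English, 1 = French, equally likely), an XOR cipher, and a key generator whose bias is chosen to reproduce the 65% figure; all function and constant names are hypothetical.

```python
from fractions import Fraction
from math import log2

def entropy(dist):
    """Shannon entropy, in bits, of a {outcome: probability} mapping."""
    return -sum(float(p) * log2(float(p)) for p in dist.values() if p > 0)

def posterior(prior, key_dist, encrypt, ciphertext):
    """P(m | c) by Bayes' rule, marginalising over the unknown key."""
    joint = {}
    for m, p_m in prior.items():
        # Probability that a randomly drawn key sends m to the observed c.
        p_c_given_m = sum(p_k for k, p_k in key_dist.items()
                          if encrypt(m, k) == ciphertext)
        joint[m] = p_m * p_c_given_m
    total = sum(joint.values())
    if total == 0:
        raise ValueError("ciphertext cannot occur under this model")
    return {m: j / total for m, j in joint.items()}

def bits_learned(prior, key_dist, encrypt, ciphertext):
    """Drop in plaintext entropy caused by seeing this one ciphertext."""
    post = posterior(prior, key_dist, encrypt, ciphertext)
    return entropy(prior) - entropy(post)

def xor_encrypt(m, k):
    return m ^ k

# Constructed model: plaintext bit 0 = "English", 1 = "French", equally likely.
PRIOR = {0: Fraction(1, 2), 1: Fraction(1, 2)}
# One-time pad: the key bit is uniform.
UNIFORM_KEY = {0: Fraction(1, 2), 1: Fraction(1, 2)}
# Flawed key generator (assumed bias, chosen to reproduce the 65% figure).
BIASED_KEY = {0: Fraction(65, 100), 1: Fraction(35, 100)}

if __name__ == "__main__":
    for name, keys in (("uniform key", UNIFORM_KEY), ("biased key", BIASED_KEY)):
        post = posterior(PRIOR, keys, xor_encrypt, 0)
        print(name, {m: float(p) for m, p in post.items()},
              f"{bits_learned(PRIOR, keys, xor_encrypt, 0):.4f} bits learned")
```

With the uniform key the posterior equals the prior, so the ciphertext teaches nothing; with the biased key no plaintext is recovered, yet the observer's uncertainty falls from 1 bit to about 0.934 bits.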