Talk:Differential cryptanalysis

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Cryptography / Computer science  (Rated B-class, High-importance)
WikiProject icon This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
B-Class article B  This article has been rated as B-Class on the quality scale.
 High  This article has been rated as High-importance on the importance scale.
Taskforce icon
This article is supported by WikiProject Computer science (marked as High-importance).
edit·history·watch·refresh Stock post message.svg To-do list for Differential cryptanalysis:

None listed.


"It was noted by Bamford in The Puzzle Palace that DES is surprisingly resilient to differential cryptanalysis, in the sense that even small modifications to the algorithm would make it much more susceptible; this suggested that the designers at IBM knew of this in the 1970s."

According to Webster's Dictionary online, the definintion of resilient is: tending to recover from or adjust easily to misfortune or change. No offense, but isn't this statement contradictory? Verbalosity (talk) 21:57, 4 February 2009 (UTC)

Oh please, resilient is common in the parlance of cryptography yet is also still meaningful to laymen, despite the letter of how Webster's Dictionary defines it. That has very little to do with the actual meaning of the word "resilient" and a lot to do with the limited scope of definitions available in Webster's Dictionary. The intended meaning in this usage is the antonym of "vulnerable" or "susceptible to" and I think "resilient" is a perfectly good antonym for either of those terms Tarcieri (talk) 07:05, 9 August 2012 (UTC)
Either Webster's failed to capture all possible meanings of 'resilient', or we'll have to find a word that means more than resilient, but less than immune. Can you think of one? (Damn, I came here to think about the maths, not the English!)-- (talk) 14:18, 11 June 2009 (UTC)

its not a contradiction: neighbouring (slightly modified) algorithms of DES are less resilient to differential cryptanalysis. So the specific algorithm DES is surprisingly resilient. Or even suspicously resilient, as the designers may have intended their code to be significantly easier to crack with more predictable implementation mistakes. — Preceding unsigned comment added by (talk) 03:58, 24 January 2012 (UTC)

i removed the attribution to Sean Murphy. his name isn't listed as being an author of any of the 4 papers Applied Cryptography's (comprehensive) bibliography lists for differential cryptanalysis. --jkominek

Haven't people apparently used differential cryptanalysis to break pay TV smartcards in Europe? --Robert Merkel

What does "white hat" mean, exactly? From context, it has something to do with lack of practicality... -- Cyan 00:50, 18 Nov 2003 (UTC)

Somehow Sean Murphy appeared again. I am terribly sorry for updating this, but Sean had nothing to do with differential cryptanalysis. It is a mistake in Bruce Scheneier's book - Applied Cryptography. --Orr Dunkelman, CS dept. Technion,

I think there were a couple of early papers by Sean Murphy, and another researcher called Bert Den Boer, which attacked FEAL using pairs of plaintexts encrypted under a fixed difference; these might arguably be called differential cryptanalysis and were published before Biham and Shamir. I think the latter should be credited, though. — Matt Crypto 19:12, 9 March 2004

Going back to the Puzzle Palace, the differential cryptanalysis attack wasn't known until the late 1980's and I can't find an edition of the Puzzle Palace later than 1983. What's going on?--Doctorhook (talk) 23:15, 9 February 2010 (UTC)

Is "resistant" the word you were looking for? --Doctorhook (talk) 00:30, 10 February 2010 (UTC)


This article is rather abstract. How about putting some sort of specific example in? Surgo 00:51, 18 April 2006 (UTC)

I agree. I'm not sure what would be a good, though: we'd want to avoid spending too much time presenting even a toy cipher. — Matt Crypto 07:35, 18 April 2006 (UTC)


"There exists no bijections for even sized inputs/outputs with a 2-uniformity." is WRONG. There exists (we know it) at least one APN permutation in dimension 6. See "An APN permutation in dimension six" by K.A. Browning, J.F. Dillon, M.T. McQuistan, and A.J. Wolfe. Nevertheless, it is still an problem to find one for greater dimensions. — Preceding unsigned comment added by (talk) 22:58, 28 March 2013 (UTC)