# Talk:Distinguishing attack

WikiProject Cryptography / Computer science  (Rated Start-class, Mid-importance)
This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
Start  This article has been rated as Start-Class on the quality scale.
Mid  This article has been rated as Mid-importance on the importance scale.

This article was specifically requested on the "Recent changes" page, so deleting it counters the very idea of putting it up in the first place. The article needs more development, of course. Mindraker 01:48, 3 June 2007 (UTC)

--David Göthberg (talk) 04:56, 22 February 2008 (UTC)
I've never heard of this term. Shouldn't this article be deleted or merged with pseudorandom ensemble, pseudorandom or computational indistinguishability or something? RobertHannah89 (talk) 11:25, 28 October 2012 (UTC)

## What is a distinguishing attack?

This article currently (february 2008) needs to be reworked and clarified but I am just a "crypto systems and protocol guy" and not a cryptanalyst so I am not a 100% sure that I know what a distinguishing attack is.

But in case I have understood correctly, here are some stuff that I then think this article perhaps should mention:

1. If you can study/analyse the output of a cipher and see that it is not completely random (has some bias of any kind) then you have done a distinguishing attack. That is, if you can tell the output apart from random white noise. One example is that if double occurrence of symbols (like "AA" or "tt") comes more often or less often in the ciphertext than it should in random data then you can distinguish the ciphertext from random data.
1. A more advanced distinguishing attack is if you can look at the output of the cipher and tell which cipher was used. For instance, a certain frequency of double symbols means that it is likely that the cipher RC4 was used.

Thus, a distinguishing attack doesn't really break the cipher. But finding any regularities is usually a bad sign which might indicate weaknesses in the cipher. And finding out which cipher was used is even worse since then one can use knowledge of that specific cipher to do other attacks.

Thus, if a distinguisher (a bias) is found for a cipher it is usually considered a bad cipher and thus considered "broken".

--David Göthberg (talk) 04:56, 22 February 2008 (UTC)

Hello fellow Wikipedians,

I have just modified one external link on Distinguishing attack. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at `{{Sourcecheck}}`).

You may set the `|checked=`, on this template, to true or failed to let other editors know you reviewed the change. If you find any errors, please use the tools below to fix them or call an editor by setting `|needhelp=` to your help request.

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

If you are unable to use these tools, you may set `|needhelp=<your help request>` on this template to request help from an experienced user. Please include details about your problem, to help other editors.

Cheers.—InternetArchiveBot 00:53, 14 December 2016 (UTC)