Avalanche effect

From Wikipedia, the free encyclopedia
Jump to: navigation, search
The SHA1 hash function has good avalanche effect. When a single bit is changed the hash sum becomes completely different.

In cryptography, the avalanche effect refers to an attractive property of block ciphers and cryptographic hash functions algorithms.

The avalanche effect is satisfied if:

  1. The output changes significantly (e.g., half the output bits flip) as a result of a slight change in input (e.g., flipping a single bit)
  2. In "quality" block ciphers, such a small change in either the key or the plaintext should cause a strong change in the ciphertext.

Both of above features allow small changes to propagate rapidly through iterations of the algorithm, in such a way that every bit of the output should depend on every bit of the input before the algorithm terminates.

The term avalanche effect was first used by Horst Feistel (Feistel 1973), although the concept was identified by Shannon's property of confusion.

If a block cipher or cryptographic hash function does not exhibit the avalanche effect to a significant degree, then it has poor randomization, and thus a cryptanalyst can make forecasts about the input, if given only the output. This may be sufficient to partially or completely break (crack) the algorithm.

One of the primary design objectives in constructing a "quality" cipher or cryptographic hash function is to build a good avalanche effect in it. This is why most block ciphers are product ciphers. It is also why hash functions have large data blocks.

Strict avalanche criterion[change | change source]

The Strict Avalanche Criterion (SAC) is a property of boolean functions of importance to cryptography. A function is said to satisfy the strict avalanche criterion if, whenever a single input bit is complemented, each of the output bits should change with a probability of one half.

The SAC was built on the concepts of evolution completeness and avalanche and introduced by Webster and Tavares in 1985.

Bit independence criterion[change | change source]

The Bit independence criterion (BIC) states that output bits j & k should change independently when any single input bit i is inverted, for all i, j and k.

Related pages[change | change source]

References[change | change source]