What is 'information-theoretic security' versus 'computational security'?

Information-theoretic security is mathematically perfect — even infinite computing power can't break it (one-time pad). Computational security is secure only against bounded computing power — could theoretically be broken but not in any practical timeframe Information-theoretic security uses more information (larger keys); computational security uses computers Information-theoretic is used by governments; computational is used by businesses They are the same — both describe ciphers that computers cannot break

What is a 'trapdoor function' and why is it essential to public-key cryptography?

A mathematical function that is easy to compute in one direction but practically impossible to reverse without special 'trapdoor' knowledge — the public key uses the easy direction; the private key is the trapdoor A backdoor intentionally built into a cipher by its designer to allow government access A mathematical shortcut that makes encryption faster without reducing security A function that creates a hidden second key alongside the public key for emergencies

What does it mean for a cipher to be 'semantically secure'?

An attacker who sees a ciphertext cannot determine any information about the plaintext — not even one bit — without the key; encrypting the same message twice produces different ciphertext each time The meaning (semantics) of the encrypted message is perfectly preserved when decrypted The cipher can only encrypt meaningful text, not random data The cipher produces output that seems meaningful but is actually encrypted

What is 'entropy' in the context of cryptography and keys?

A measure of randomness or unpredictability — a key with high entropy is truly random and hard to guess; a key with low entropy (like a dictionary word) is easy to brute-force The amount of energy a cipher requires to encrypt and decrypt data How messy or complex a cipher algorithm's code is The number of different characters in a cipher's alphabet

What is 'diffusion' in block cipher design?

Spreading the influence of each plaintext bit across many ciphertext bits — changing one bit in the input should affect approximately half the output bits (the 'avalanche effect') The process of distributing encryption keys to all recipients securely How quickly a cipher spreads across networks when deployed The tendency for encrypted data to grow larger than the original — diffusion of size

What is 'confusion' in block cipher design?

Making the relationship between the key and ciphertext as complex as possible — each ciphertext bit should depend on many key bits in a highly non-linear way, making key deduction hard Deliberately making the cipher algorithm confusing so attackers can't understand it A property of ciphers that makes them hard to implement correctly Mixing up the order of data blocks to prevent pattern recognition

What is 'DES' (Data Encryption Standard) and why was it replaced?

A 1977 symmetric block cipher with a 56-bit key — replaced because its key was too short: by 1999, specialized hardware could brute-force all 2⁵⁶ keys in under 24 hours A 1990s cipher that was broken by differential cryptanalysis before deployment A German cipher standard developed after WWII that the US adopted A cipher that was replaced because it was too slow for internet communications

What is AES (Advanced Encryption Standard) and why is it trusted?

A symmetric block cipher selected by NIST in 2001 after open international competition — trusted because its design was publicly analyzed by the world's best cryptographers for years before adoption An encryption system developed by the NSA and classified until 2001 A cipher that only military and government agencies are allowed to use A cipher that is more advanced than RSA — it replaced RSA as the internet standard

What is a 'block cipher' versus a 'stream cipher'?

Block ciphers encrypt fixed-size chunks of data (128 bits for AES) using a key; stream ciphers generate a keystream and XOR it with plaintext bit-by-bit or byte-by-byte Block ciphers work on text; stream ciphers work on video and audio streaming Block ciphers are used by governments; stream ciphers are used by civilian applications Block ciphers encrypt faster; stream ciphers are more secure

What is 'Kerckhoffs's principle' and why is it fundamental to modern cryptography?

A cryptographic design principle stating that a cipher should be secure even if everything about the system except the key is publicly known — security must come from the key, not from secrecy of the algorithm A principle that cryptographic keys must be at least as long as the messages they encrypt A requirement that cryptographic systems must have a backup key in case the main key is lost The rule that cipher algorithms must be approved by a government body before use