avalanche effect

{{Short description|Concept in cryptography}}

{{about|cryptography||Snowball effect|and|Avalanche (disambiguation)}}

In cryptography, the avalanche effect is the desirable property of cryptographic algorithms, typically block ciphers and cryptographic hash functions, wherein if an input is changed slightly (for example, flipping a single bit), the output changes significantly (e.g., half the output bits flip). In the case of high-quality block ciphers, such a small change in either the key or the plaintext should cause a drastic change in the ciphertext. The actual term was first used by Horst Feistel,{{Cite journal|last=Feistel|first=Horst|year=1973|title=Cryptography and Computer Privacy|url=https://www.apprendre-en-ligne.net/crypto/bibliotheque/feistel/index.html|journal=Scientific American|volume=228|issue=5|pages=15–23|doi=10.1038/scientificamerican0573-15|bibcode=1973SciAm.228e..15F}} although the concept dates back to at least Shannon's diffusion.

File:Avalanche effect.svg hash function exhibits good avalanche effect. When a single bit is changed the hash sum becomes completely different.]]

If a block cipher or cryptographic hash function does not exhibit the avalanche effect to a significant degree, then it has poor randomization, and thus a cryptanalyst can make predictions about the input, being given only the output. This may be sufficient to partially or completely break the algorithm. Thus, the avalanche effect is a desirable condition from the point of view of the designer of the cryptographic algorithm or device. Failure to incorporate this characteristic leads to the hash function being exposed to attacks including collision attacks, length extension attacks, and preimage attacks.Upadhyay, D., Gaikwad, N., Zaman, M., & Sampalli, S. (2022). Investigating the Avalanche Effect of Various Cryptographically Secure Hash Functions and Hash-Based Applications. IEEE Access, 10, 112472–112486. https://doi.org/10.1109/ACCESS.2022.3215778

Constructing a cipher or hash to exhibit a substantial avalanche effect is one of the primary design objectives, and mathematically the construction takes advantage of the butterfly effect.{{cite conference |last1=Al-Kuwari |first1=Saif |last2=Davenport |first2=James H. |last3=Bradford |first3=Russell J. |date=2011 |title=Cryptographic Hash Functions: Recent Design Trends and Security Notions |conference=Inscrypt '10 |url=https://eprint.iacr.org/2011/565}} This is why most block ciphers are product ciphers. It is also why hash functions have large data blocks. Both of these features allow small changes to propagate rapidly through iterations of the algorithm, such that every bit of the output should depend on every bit of the input before the algorithm terminates.{{Citation needed|date=June 2010}}