Editing Classical cipher (section)

==Cryptanalysis of classical ciphers==
Classical ciphers are commonly quite easy to break. Many of the classical ciphers can be broken even if the attacker only knows sufficient ciphertext and hence they are susceptible to a [[ciphertext-only attack]]. Some classical ciphers (e.g., the [[Caesar cipher]]) have a small key space. These ciphers can be broken with a [[brute force attack]], that is by simply trying out all keys. [[Substitution ciphers]] can have a large key space, but are often susceptible to a [[frequency analysis]], because for example frequent letters in the plaintext language correspond to frequent letters in the ciphertexts. Polyalphabetic ciphers such as the [[Vigenère cipher]] prevent a simple frequency analysis by using multiple substitutions. However, more advanced techniques such as the [[Kasiski examination]] can still be used to break these ciphers.

On the other hand, modern ciphers are designed to withstand much stronger attacks than ciphertext-only attacks. A good modern cipher must be secure against a wide range of potential attacks including [[known-plaintext attack]]s and [[chosen-plaintext attack]]s as well as [[chosen-ciphertext attack]]s. For these ciphers an attacker should not be able to find the key even if they know any amount of plaintext and corresponding ciphertext and even if they could select plaintext or ciphertext themselves. Classical ciphers do not satisfy these much stronger criteria and hence are no longer of interest for serious applications.

Some techniques from classical ciphers can be used to strengthen modern ciphers. For example, the [[Rijndael MixColumns|MixColumns]] step in [[Advanced Encryption Standard|AES]] is a [[Hill cipher]].<ref>{{cite web |url=https://www.angelfire.com/biz7/atleast/mix_columns.pdf |title=Understanding AES Mix-Columns Transformation Calculation |last=Xintong |first=Kit Choy |access-date=2016-10-26 }}</ref>