Confusion and diffusion

These properties, when present, work together to thwart the application of statistics and other methods of cryptanalysis.[1]

Confusion in a symmetric cipher is obscuring the local correlation between the input (plaintext) and the output (ciphertext) by varying the application of the key to the data, while diffusion is hiding the plaintext statistics by spreading them over a larger area of ciphertext.

Confusion means that each binary digit (bit) of the ciphertext should depend on several parts of the key, obscuring the connections between the two.

The purpose of diffusion is to hide the statistical relationship between the ciphertext and the plaintext.

In Shannon's original definitions, confusion refers to making the relationship between the ciphertext and the symmetric key as complex and involved as possible; diffusion refers to dissipating the statistical structure of the plaintext over the bulk of the ciphertext.[4]

This complexity is generally implemented through a well-defined and repeatable series of substitutions and permutations.

The design of a modern block cipher uses both confusion and diffusion,[2] with confusion changing the data between input and output by applying a key-dependent non-linear transformation (a cipher built only from linear steps is easy to break, because a linear relationship between plaintext, key and ciphertext can be inverted with linear algebra from a few known plaintext/ciphertext pairs).

One of the most researched cipher structures is the substitution-permutation network (SPN), where each round includes a layer of local nonlinear substitutions (S-boxes, small bijective lookup tables) for confusion and a linear diffusion transformation (a bit permutation in the simplest designs, usually a multiplication by a matrix over a finite field in modern ones).[10]

Both the confusion and the diffusion steps are repeated over multiple rounds for each input block to increase the amount of scrambling.
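The following toy SPN is an added illustration, not code from the article or from any real cipher, that makes both properties measurable. The 4-bit S-box and the bit permutation are the ones from Howard Heys' well-known SPN tutorial; the 16-bit block, the four rounds and the rotation-based key schedule are assumptions chosen for the demonstration, and the cipher is far too small to be secure. Running the same network with the S-box replaced by the identity map removes the confusion layer: a one-bit plaintext change then moves exactly one ciphertext bit (no diffusion), and the ciphertext becomes an affine function of both plaintext and key, which is exactly the linear structure an attacker can solve.

```python
"""Toy 16-bit substitution-permutation network (SPN) illustrating confusion and
diffusion. Added example; S-box and permutation follow Heys' SPN tutorial, the key
schedule is a constructed assumption, and nothing here is secure."""
import random

# 4-bit S-box: the only non-linear component (confusion).
SBOX = [0xE, 0x4, 0xD, 0x1, 0x2, 0xF, 0xB, 0x8, 0x3, 0xA, 0x6, 0xC, 0x5, 0x9, 0x0, 0x7]
# Identity "S-box": same network with the confusion layer removed, for contrast.
IDENTITY_SBOX = list(range(16))

# Bit permutation (diffusion): bit i (counted from the LSB) moves to PBOX[i].
# Output bit j of S-box i becomes input bit i of S-box j, so every S-box output
# is spread across all four S-boxes of the next round. It is its own inverse.
PBOX = [4 * (i % 4) + i // 4 for i in range(16)]


def substitute(x, sbox):
    """Apply a 4-bit S-box to each of the four nibbles of a 16-bit word."""
    out = 0
    for i in range(4):
        out |= sbox[(x >> (4 * i)) & 0xF] << (4 * i)
    return out


def permute(x):
    """Move bit i of x to position PBOX[i]."""
    out = 0
    for i in range(16):
        if (x >> i) & 1:
            out |= 1 << PBOX[i]
    return out


def round_keys(key, rounds):
    """Constructed key schedule (assumption): round key r is the 16-bit key rotated
    left by 4*r bits. Real ciphers derive round keys far more carefully."""
    return [((key << (4 * r)) | (key >> (16 - 4 * r))) & 0xFFFF for r in range(rounds + 1)]


def encrypt(plaintext, key, rounds=4, sbox=SBOX):
    """Standard SPN round structure: key mix, S-box layer, permutation; the last
    round skips the permutation and a final whitening key is added."""
    rk = round_keys(key, rounds)
    state = plaintext & 0xFFFF
    for r in range(rounds):
        state ^= rk[r]
        state = substitute(state, sbox)
        if r != rounds - 1:
            state = permute(state)
    return state ^ rk[rounds]


def avalanche(key, sbox=SBOX, trials=2000, seed=1):
    """Average number of ciphertext bits that change when one random plaintext bit
    is flipped (diffusion). Good diffusion gives about 8 of 16; with the identity
    S-box the single-bit difference is merely relocated, so the answer is exactly 1."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        p = rng.getrandbits(16)
        bit = 1 << rng.randrange(16)
        total += bin(encrypt(p, key, sbox=sbox) ^ encrypt(p ^ bit, key, sbox=sbox)).count("1")
    return total / trials


def is_affine(f, trials=500, seed=2):
    """Test whether f: 16-bit -> 16-bit is affine over GF(2) by checking
    f(a) ^ f(b) ^ f(c) == f(a ^ b ^ c) on random triples. Always true for an affine
    map, and fails almost immediately for anything built from a real S-box.
    Applied to the key argument this is the absence of confusion; applied to the
    plaintext argument it is the structure linear cryptanalysis hopes to find."""
    rng = random.Random(seed)
    for _ in range(trials):
        a, b, c = (rng.getrandbits(16) for _ in range(3))
        if f(a) ^ f(b) ^ f(c) != f(a ^ b ^ c):
            return False
    return True


if __name__ == "__main__":
    key = 0x3A94  # arbitrary demo key
    print("avalanche with S-box:      %.2f bits" % avalanche(key))
    print("avalanche without S-box:   %.2f bits" % avalanche(key, sbox=IDENTITY_SBOX))
    print("affine in plaintext (S-box / none):",
          is_affine(lambda p: encrypt(p, key)),
          is_affine(lambda p: encrypt(p, key, sbox=IDENTITY_SBOX)))
    print("affine in key (S-box / none):      ",
          is_affine(lambda k: encrypt(0x1234, k)),
          is_affine(lambda k: encrypt(0x1234, k, sbox=IDENTITY_SBOX)))
```

The two measurements map directly onto the definitions above: `avalanche` quantifies how far the diffusion layer spreads a local plaintext change, and `is_affine` over the key argument detects whether the ciphertext-to-key relationship has any non-linear (confusing) component at all. Four rounds are enough for this block size because the permutation feeds each S-box output into a different S-box, so a single-bit difference reaches every nibble by the third round.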