What is a stream cipher?
A stream cipher is a method of encrypting text (to produce ciphertext) in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time. The main alternative method to stream cipher is, in fact, the block cipher, where a key and algorithm are applied to blocks of data rather than individual bits in a stream.
How does a stream cipher work?
A stream cipher is an encryption algorithm that uses a symmetric key to encrypt and decrypt a given amount of data. A symmetric cipher key, as opposed to an asymmetric cipher key, is an encryption tool that is used in both encryption and decryption. Asymmetric keys will sometimes use one key to encrypt a message and another to decrypt the respective ciphertext.
What makes stream ciphers particularly unique is that they encrypt data one bit, or byte, at a time. This makes for a fast and relatively simple encryption process.
Basic encryption requires three main components:
- a message, document or piece of data
- a key
- an encryption algorithm
The key typically used with a stream cipher is known as a one-time pad. Mathematically, a one-time pad is unbreakable because it's always at least the exact same size as the message it is encrypting.
Here is an example to illustrate the one-timed pad process of stream ciphering: Person A attempts to encrypt a 10-bit message using a stream cipher. The one-time pad, in this case, would also be at least 10 bits long. This can become cumbersome depending on the size of the message or document they are attempting to encrypt, however.
Cryptographers also refer to the symmetric key used in a stream cipher as a keystream. This is because Person A could opt to create a pseudo-random cipher digit stream, or keystream, using a key that is smaller than the size of the plaintext file. Furthermore, to avoid having to create a larger keystream, users can use a cryptographic number generator to create a larger keystream from a smaller, pseudo-random key.
Here, Person A decides to use a 4-bit key to encrypt a 10-bit message. To do that, they must first use an initialization vector (IV) to generate a random seed value. Placing this seed value into a cryptographic number generator, Person A can create a pseudo-random keystream that matches the size of their desired plaintext file.
The quality of the number generator contributes to the randomness and security of the ciphertext, however. Lower-end cryptographic number generators can sometimes have patterns that malicious users, or hackers, can identify and use to decrypt the ciphertext.
After the user has created the keystream, the stream cipher combines the keystream with the corresponding digits of the plaintext using the exclusive-or (XOR) operator. The XOR operator creates new binary values, which make up the ciphertext. It generates these values by comparing bits in the plaintext and the keystream that share the same position.
For example, the first bit in Person A's 10-bit message will be XOR-ed with the first bit of the keystream. If the two digits are the same, the XOR operator will produce a zero. If the two are different -- i.e., a combination of 1 and 0 -- the XOR operator will produce a 1. This is part of what makes stream cipher encryption so fast.
Once each bit of data has been XOR-ed by the stream cipher, it will produce an unreadable ciphertext message.
Decryption of the ciphertext can happen in a manner similar to how the plaintext encryption occurs. This time, instead of the data and keystream being XOR-ed, the ciphertext and the keystream are XOR-ed.
Stream ciphers users should not use the same IV more than once, however, to maximize the security of this process.
The advantages and disadvantages of using a stream cipher
Speed of encryption tops the list of advantages for stream ciphers. Once a stream cipher makes a key, the encryption and decryption process is almost instantaneous. This is largely due to the simplicity of operation, a basic XOR function using two distinct data bits. Also, for this reason, the hardware complexity of a stream cipher is quite low -- meaning a wider range of technologies can facilitate this mode of operation.
Another advantage of using stream ciphers is the ability to decrypt selected sections of ciphertext. Since each bit of data in the ciphertext corresponds with plaintext data in the same position, users can decrypt ciphertext for part of a document rather than the entire file. If Person A, for example, wanted to retrieve the original plaintext data for just the first five bits, they would only need to decrypt the first five bits of the ciphertext.
The positional alignment among the plaintext, keystream and ciphertext is a significant security vulnerability of stream ciphers. If the encryption process does not use a hashing algorithm or IV during the encryption process, a hacker who obtains a segment of plaintext and its respective ciphertext will be able to deduce the keystream used by the process.
This is why cryptographers refer to stream ciphers as having low diffusion, meaning the plaintext and ciphertext are not vastly different from each other.
Confusion vs. diffusion
Evaluate encryption methods using two main criteria: confusion and diffusion.
Confusion contributes to the ambiguity of the ciphertext -- i.e., the methods used to complicate the relationship between the plaintext and the ciphertext.
Diffusion, on the other hand, refers to how well the encryption hides these complex, or simple, relationships. For example, a standard for diffusion is that at least 50% of the ciphertext should change when a cipher alters a single bit of plaintext. Encryption operations with low diffusion are less secure than those with high diffusion.
Stream cipher vs. block cipher
Block ciphers and stream ciphers, while similar, are two distinct forms of symmetric key encryption. The main difference between these two modes of operations is the amount of data they encrypt at one time.
While stream ciphers perform data encryption one bit at a time, block ciphers encrypt fixed blocks of information all at once. These predetermined blocks of data will typically be either 64 or 128 bits long. If the data is not long enough -- i.e., they are smaller than the block size -- pads will be added.
The distinction between stream ciphers and block ciphers can become confusing, however, because a block cipher primitive can sometimes be used in such a way that it is effectively a stream cipher on a larger scale. Besides the difference in block size, the methods of encryption and decryption these modes of operation employ are nearly identical.