The operation of the keystream generator in A5/1, a LFSR-based stream cipher used to encrypt mobile phone conversations.

In cryptography, a stream cipher is a symmetric cipher where plaintext bits are combined with a pseudorandom cipher bit stream (keystream), typically by an exclusive-or (xor) operation. In a stream cipher the plaintext digits are encrypted one at a time, and in which the transformation of successive digits varies during the encryption. An alternative name is a state cipher, as the encryption of each digit is dependent on the current state. In practice, the digits are typically single bits or bytes. A5/1 stream cipher. ... A5/1 stream cipher. ... In cryptography, a keystream is a stream of random or pseudorandom characters that are combined with a cleartext message to produce an encrypted message (the ciphertext). ... A5/1 is a stream cipher used to provide over-the-air communication privacy in the GSM cellular telephone standard. ... The German Lorenz cipher machine, used in World War II for encryption of very high-level general staff messages Cryptography (or cryptology; derived from Greek κρυπτός kryptós hidden, and the verb γράφω gráfo write or λεγειν legein to speak) is the study of message secrecy. ... A symmetric-key algorithm is an algorithm for cryptography that uses the same cryptographic key to encrypt and decrypt the message. ... A pseudo-random number is a number belonging to a sequence which appears to be random, but can in fact be generated by a finite computation. ... In cryptography, a keystream is a stream of random or pseudorandom characters that are combined with a cleartext message to produce an encrypted message (the ciphertext). ... It has been suggested that XOR gate be merged into this article or section. ... In cryptography, plaintext is information used as input to an encryption algorithm; the output is termed ciphertext. ... In mathematics and computer science, a numerical digit is a symbol, e. ... This article is about the unit of information. ... In computer science a byte (pronounced bite) is a unit of measurement of information storage, most often consisting of eight bits. ...

Stream ciphers represent a different approach to symmetric encryption from block ciphers. Block ciphers operate on large blocks of digits with a fixed, unvarying transformation. This distinction is not always clear-cut: in some modes of operation, a block cipher primitive is used in such a way that it acts effectively as a stream cipher. Stream ciphers typically execute at a higher speed than block ciphers and have lower hardware complexity. However, stream ciphers can be susceptible to serious security problems if used incorrectly: see stream cipher attacks — in particular, the same starting state must never be used twice. Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... OFB redirects here. ... Stream ciphers where plaintext bits are combined with a cipher bit stream by an exclusive-or operation (xor) can be very secure if used properly. ...

Loose inspiration from the one-time pad

Stream ciphers can be viewed as approximating the action of a theoretically unbreakable cipher, the one-time pad (OTP), sometimes known as the Vernam cipher. A one-time pad uses a keystream of completely random digits. The keystream is combined with the plaintext digits one at a time to form the ciphertext. This system was proved to be theoretically secure by Shannon in 1949. However, the keystream must be (at least) the same length as the plaintext, and generated completely at random. This makes the system very cumbersome to implement in practice, and as a result the one-time pad has not been widely used, except for the most critical applications. Excerpt from a one-time pad. ... Gilbert Sandford Vernam (1890–7 February 1960) was a AT&T Bell Labs engineer who, in 1917, invented the stream cipher and later co-invented the one-time pad cipher. ... In cryptography, a keystream is a stream of random or pseudorandom characters that are combined with a cleartext message to produce an encrypted message (the ciphertext). ... Random redirects here. ... Claude Elwood Shannon (April 30, 1916 - February 24, 2001) has been called the father of information theory, and was the founder of practical digital circuit design theory. ... Year 1949 (MCMXLIX) was a common year starting on Saturday (link will display the full calendar) of the Gregorian calendar. ...

A stream cipher makes use of a much smaller and more convenient key — 128 bits, for example. Based on this key, it generates a pseudorandom keystream which can be combined with the plaintext digits in a similar fashion to the one-time pad. However, this comes at a cost: because the keystream is now pseudorandom, and not truly random, the proof of security associated with the one-time pad no longer holds: it is quite possible for a stream cipher to be completely insecure. A pseudo-random number is a number belonging to a sequence which appears to be random, but can in fact be generated by a finite computation. ...

Types of stream ciphers

A stream cipher generates successive elements of the keystream based on an internal state. This state is updated in essentially two ways: if the state changes independently of the plaintext or ciphertext messages, the cipher is classified as a synchronous stream cipher. By contrast, self-synchronising stream ciphers update their state based on previous ciphertext digits.

Synchronous stream ciphers

In a synchronous stream cipher a stream of pseudo-random digits is generated independently of the plaintext and ciphertext messages, and then combined with the plaintext (to encrypt) or the ciphertext (to decrypt). In the most common form, binary digits are used (bits), and the keystream is combined with the plaintext using the exclusive or operation (XOR). This is termed a binary additive stream cipher. This article is about the unit of information. ... Exclusive disjunction (usual symbol xor) is a logical operator that results in true if one of the operands (not both) is true. ...

In a synchronous stream cipher, the sender and receiver must be exactly in step for decryption to be successful. If digits are added or removed from the message during transmission, synchronisation is lost. To restore synchronisation, various offsets can be tried systematically to obtain the correct decryption. Another approach is to tag the ciphertext with markers at regular points in the output.

If, however, a digit is corrupted in transmission, rather than added or lost, only a single digit in the plaintext is affected and the error does not propagate to other parts of the message. This property is useful when the transmission error rate is high; however, it makes it less likely the error would be detected without further mechanisms. Moreover, because of this property, synchronous stream ciphers are very susceptible to active attacks — if an attacker can change a digit in the ciphertext, he might be able to make predictable changes to the corresponding plaintext bit; for example, flipping a bit in the ciphertext causes the same bit to be flipped in the plaintext.

Self-synchronizing stream ciphers

Another approach uses several of the previous N ciphertext digits to compute the keystream. Such schemes are known as self-synchronizing stream ciphers, asynchronous stream ciphers or ciphertext autokey (CTAK). The idea of self-synchronization was patented in 1946, and has the advantage that the receiver will automatically synchronise with the keystream generator after receiving N ciphertext digits, making it easier to recover if digits are dropped or added to the message stream. Single-digit errors are limited in their effect, affecting only up to N plaintext digits. It is somewhat more difficult to perform active attacks on self-synchronising stream ciphers by comparison with their synchronous counterparts.

An example of a self-synchronising stream cipher is a block cipher in cipher-feedback mode (CFB). OFB redirects here. ...

Linear feedback shift register-based stream ciphers

Linear feedback shift registers (LFSRs) are popular components in stream ciphers as they can be implemented cheaply in hardware, and their properties are well-understood.

Binary stream ciphers are often constructed using linear feedback shift registers (LFSRs) because they can be easily implemented in hardware and can be readily analysed mathematically. The use of LFSRs on their own, however, is insufficient to provide good security. Various schemes have been proposed to increase the security of LFSRs. This is converted from Image:LFSR-17bit. ... This is converted from Image:LFSR-17bit. ... A linear feedback shift register (LFSR) is a shift register whose input bit is a linear function of its previous state. ... For other uses, see Hardware (disambiguation). ...

Non-linear combining functions

One approach is to use n LFSRs in parallel, their outputs combined using an n-input binary Boolean function (F).

Because LFSRs are inherently linear, one technique for removing the linearity is to feed the outputs of several parallel LFSRs into a non-linear Boolean function to form a combination generator. Various properties of such a combining function are critical for ensuring the security of the resultant scheme, for example, in order to avoid correlation attacks. A general nonlinear combination generator. ... A general nonlinear combination generator. ... A Boolean function describes how to determine a Boolean value output based on some logical calculation from Boolean inputs. ...

Clock-controlled generators

Normally LFSRs are stepped regularly. One approach to introducting non-linearity is to have the LFSR clocked irregularly, controlled by the output of a second LFSR. Such generators include the stop-and-go generator, the alternating step generator and the shrinking generator. In cryptography, an alternating step generator (ASG) is a cryptographic pseudorandom number generator intended to be used in a stream cipher. ... In cryptography, the shrinking generator is a form of pseudorandom number generator intended to be used in a stream cipher. ...

The stop-and-go generator (Beth and Piper, 1984) consists of two LFSRs. One LFSR is clocked if the output of a second is a "1", otherwise it repeats its previous output. This output is then (in some versions) combined with the output of a third LFSR clocked at a regular rate.

The shrinking generator takes a different approach. Two LFSRs are used, both clocked regularly. If the output of the first LFSR is "1", the output of the second LFSR becomes the output of the generator. If the first LFSR outputs "0", however, the output of the second is discarded, and no bit is output by the generator. This mechanism suffers from timing attacks on the second generator, since the speed of the output is variable in a manner that depends on the second generator's state. This can be alleviated by buffering the output. In cryptography, the shrinking generator is a form of pseudorandom number generator intended to be used in a stream cipher. ...

Filter generator

Another approach to improving the security of an LFSR is to pass the entire state of a single LFSR into a non-linear filtering function.

Other designs

RC4 is one of the most widely used stream cipher designs.

Instead of a linear driving device, one may use a nonlinear update function. For example, Klimov and Shamir proposed triangular functions (T-Functions) with a single cycle on n bit words. Image File history File links This is a lossless scalable vector image. ... Image File history File links This is a lossless scalable vector image. ...

Security

Main article: Stream cipher attack

To be secure, the period of the keystream, that is, the number of digits output before the stream repeats itself, needs to be sufficiently large. If the sequence repeats, then the overlapping ciphertexts can be aligned against each other "in depth", and there are techniques which could allow the plaintext to be extracted. This can be a practical concern: for example, the DES block cipher was initially allowed to be used in a certain mode (OFB) with a varying parameter. However, for most choices of this parameter, the resulting stream had a period of only 2³² — for many applications, this period is far too low. For example, if encryption is being performed at a rate of 1 megabyte per second, a stream of period 2³² will repeat after around 8.5 minutes. Stream ciphers where plaintext bits are combined with a cipher bit stream by an exclusive-or operation (xor) can be very secure if used properly. ... The Data Encryption Standard (DES) is a cipher (a method for encrypting information) selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976, and which has subsequently enjoyed widespread use internationally. ... ReBoot character, see Megabyte (ReBoot). ...

Usage

Stream ciphers are often used in applications where plaintext comes in quantities of unknowable length—for example, a secure wireless connection. If a block cipher were to be used in this type of application, the designer would need to choose either transmission efficiency or implementation complexity, since block ciphers cannot directly work on blocks shorter than their block size. For example, if a 128-bit block cipher received separate 32-bit bursts of plaintext, three quarters of the data transmitted would be padding. Block ciphers must be used in ciphertext stealing or residual block termination mode to avoid padding, while stream ciphers eliminate this issue by naturally operating on the smallest unit that can be transmitted (usually bytes). While the term wireless network may technically be used to refer to any type of network that is wireless, the term is most commonly used to refer to a telecommunications network whose interconnections between nodes is implemented without the use of wires, such as a computer network (which is a... Encryption Decryption In cryptography, a block cipher is a symmetric key cipher which operates on fixed-length groups of bits, termed blocks, with an unvarying transformation. ... In cryptography, padding is the practice of adding material of varying length to the plaintext of messages. ... In cryptography, ciphertext stealing (CTS) is a general method of using a block cipher mode of operation that allows for processing of messages that are not evenly divisible into blocks without resulting in any expansion of the ciphertext, at the cost of significantly increased complexity. ... In cryptography, residual block termination is a variation of cipher block chaining mode (CBC) that does not require any padding. ...

Another advantage of stream ciphers in military cryptography is that the cipher stream can be generated in a separate box that is subject to strict security measures and fed to other devices, e.g. a radio set, which will perform the xor operation as part of their function. The latter device can then be designed and used in less stringent environments.

RC4 is the most widely used stream cipher in software; others include: A5/1, A5/2, Chameleon, FISH, Helix, ISAAC, MUGI, Panama, Phelix, Pike, SEAL, SOBER, SOBER-128 and WAKE. For the Vietnam road named RC4, see Route Coloniale 4. ... A5/1 is a stream cipher used to provide over-the-air communication privacy in the GSM cellular telephone standard. ... A5/2 is a stream cipher used to provide voice privacy in the GSM cellular telephone protocol. ... For the British code-word for World War II German stream cipher teleprinter secure communications devices, see Fish (cryptography). ... In cryptography, Helix is a high-speed asynchronous stream cipher with a built-in message authentication code (MAC) functionality. ... ISAAC is a pseudorandom number generator designed by Bob Jenkins (1996) to be cryptographically secure. ... In cryptography, MUGI is a pseudorandom number generator (PRNG) designed for use as a stream cipher. ... Phelix is a high-speed stream cipher with a built-in single-pass message authentication code (MAC) functionality, submitted in 2004 to the eSTREAM contest by Doug Whiting, Bruce Schneier, Stefan Lucks, and Frédéric Muller. ... The Pike stream cipher was invented by Ross Anderson to be a leaner and meaner version of FISH after he broke FISH in 1994; the name is a humorous allusion to the Pike fish. ... SEAL (Software-Optimized Encryption Algorithm) is a very fast stream cipher optimised for machines with a 32-bit word size and plenty of RAM. The first version was published by Phil Rogaway and Don Coppersmith in 1994. ... In cryptography, SOBER is a family of stream ciphers initially designed by Greg Rose of QUALCOMM Australia starting in 1997. ... SOBER-128 is a synchronous stream cipher designed by Hawkes and Rose (2003) and is a member of the SOBER family of ciphers. ... A wake is the region of turbulence immediately to the rear of a solid body caused by the flow of air or water around the body. ...

Comparison Of Stream Ciphers

A key is a piece of information that controls the operation of a cryptography algorithm. ... In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to break... In cryptography, an initialization vector (IV) is a block of bits that is required to allow a stream cipher or a block cipher executed in any of several streaming modes of operation to produce a unique stream independent from other streams produced by the same encryption key, without having to... A5/1 is a stream cipher used to provide over-the-air communication privacy in the GSM cellular telephone standard. ... Year 1989 (MCMLXXXIX) was a common year starting on Sunday (link displays 1989 Gregorian calendar). ... “Cell Phone” redirects here. ... The known-plaintext attack (KPA) is an attack model for cryptanalytic where the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... The known-plaintext attack (KPA) is an attack model for cryptanalytic where the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... A5/2 is a stream cipher used to provide voice privacy in the GSM cellular telephone protocol. ... Year 1989 (MCMLXXXIX) was a common year starting on Sunday (link displays 1989 Gregorian calendar). ... “Cell Phone” redirects here. ... For the British code-word for World War II German stream cipher teleprinter secure communications devices, see Fish (cryptography). ... Year 1993 (MCMXCIII) was a common year starting on Friday (link will display full 1993 Gregorian calendar). ... It has been suggested that this article or section be merged with Computer program. ... The known-plaintext attack (KPA) is an attack model for cryptanalytic where the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... Grain is a stream cipher designed for restricted hardware environments and submitted to eSTREAM in 2004 by Martin Hell, Thomas Johansson and Willi Meier. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... HC-256 is a stream cipher designed to provide bulk encryption in software at high speeds while permitting strong confidence in its security. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... The Pentium 4[1] brand refers to Intels mainstream desktop and mobile single-core CPUs (introduced on November 20, 2000[2]) with the seventh-generation NetBurst architecture, which was the companys first all-new design since the Intel P6 of the Pentium Pro branded CPUs of 1995. ... ISAAC is a pseudorandom number generator designed by Bob Jenkins (1996) to be cryptographically secure. ... Year 1996 (MCMXCVI) was a leap year starting on Monday (link will display full 1996 Gregorian calendar). ... In computing, a 64-bit component is one in which data are processed or stored in 64-bit units (words). ... 32-bit is a term applied to processors, and computer architectures which manipulate the address and data in 32-bit chunks. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... Year 2001 (MMI) was a common year starting on Monday (link displays the 2001 Gregorian calendar). ... In cryptography, MUGI is a pseudorandom number generator (PRNG) designed for use as a stream cipher. ... Year 1998 (MCMXCVIII) was a common year starting on Thursday (link will display full 1998 Gregorian calendar). ... Also see: 2002 (number). ... Also see: 2002 (number). ... Year 1998 (MCMXCVIII) was a common year starting on Thursday (link will display full 1998 Gregorian calendar). ... Year 2001 (MMI) was a common year starting on Monday (link displays the 2001 Gregorian calendar). ... Phelix is a high-speed stream cipher with a built-in single-pass message authentication code (MAC) functionality, submitted in 2004 to the eSTREAM contest by Doug Whiting, Bruce Schneier, Stefan Lucks, and Frédéric Muller. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... Intel Pentium 4 (Northwood version), one example out of a huge number of x86 implementations from Intel, AMD, and others. ... In security engineering, a nonce is a number used once. ... The Pike stream cipher was invented by Ross Anderson to be a leaner and meaner version of FISH after he broke FISH in 1994; the name is a humorous allusion to the Pike fish. ... Year 1994 (MCMXCIV) The year 1994 was designated as the International Year of the Family and the International Year of the Sport and the Olympic Ideal by the United Nations. ... For the British code-word for World War II German stream cipher teleprinter secure communications devices, see Fish (cryptography). ... It has been suggested that this article or section be merged with Computer program. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... Py is a stream cipher submitted to eSTREAM by Eli Biham and Jennifer Seberry. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... Cryptanalysis (from the Greek kryptós, hidden, and analýein, to loosen or to untie) is the study of methods for obtaining the meaning of encrypted information, without access to the secret information which is normally required to do so. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... Rabbit is a high-speed stream cipher first presented[1] in February 2003 at the 10th FSE workshop. ... Year 2003 (MMIII) was a common year starting on Wednesday of the Gregorian calendar. ... Pentium III logo The Pentium III is an x86 (more precisely, an i686) architecture microprocessor by Intel, introduced on February 26, 1999. ... The ARM7TDMI processor is a 16-bit/32-bit RISC CPU designed by ARM, and licensed for manufacture by an array of semiconductor companies. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... In cryptography, RC4 (also known as ARC4 or ARCFOUR) is the most widely-used software stream cipher and is used in popular protocols such as Secure Sockets Layer (SSL) (to protect Internet traffic) and WEP (to secure wireless networks). ... Year 1987 (MCMLXXXVII) was a common year starting on Thursday (link displays 1987 Gregorian calendar). ... This article does not cite any references or sources. ... In cryptography, a weak key is a key which when used with a specific cipher, makes the cipher behave in some undesirable way. ... The known-plaintext attack (KPA) is an attack model for cryptanalytic where the attacker has samples of both the plaintext and its encrypted version (ciphertext) and is at liberty to make use of them to reveal further secret information; typically this is the secret key. ... Salsa20 is a stream cipher submitted to eSTREAM by Daniel Bernstein. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... PowerPC G4 is a designation used by Apple Computer to describe a fourth generation of PowerPC microprocessors. ... The Pentium 4[1] brand refers to Intels mainstream desktop and mobile single-core CPUs (introduced on November 20, 2000[2]) with the seventh-generation NetBurst architecture, which was the companys first all-new design since the Intel P6 of the Pentium Pro branded CPUs of 1995. ... Differential cryptanalysis is a general form of cryptanalysis applicable primarily to block ciphers, but also to stream ciphers and cryptographic hash functions. ... Year 2005 (MMV) was a common year starting on Saturday (link displays full calendar) of the Gregorian calendar. ... Year 2005 (MMV) was a common year starting on Saturday (link displays full calendar) of the Gregorian calendar. ... The Scream cipher is a word-based stream cipher developed by Shai Halevi, Don Coppersmith and Charanjit Jutla from IBM. The cipher is designed as a software efficient stream cipher. ... Also see: 2002 (number). ... It has been suggested that this article or section be merged with Computer program. ... SEAL (Software-Optimized Encryption Algorithm) is a very fast stream cipher optimised for machines with a 32-bit word size and plenty of RAM. The first version was published by Phil Rogaway and Don Coppersmith in 1994. ... For the band, see 1997 (band). ... 32-bit is a term applied to processors, and computer architectures which manipulate the address and data in 32-bit chunks. ... Snow is a type of precipitation in the form of crystalline water ice, consisting of a multitude of snowflakes that fall from clouds. ... Year 2003 (MMIII) was a common year starting on Wednesday of the Gregorian calendar. ... 32-bit is a term applied to processors, and computer architectures which manipulate the address and data in 32-bit chunks. ... SOBER-128 is a synchronous stream cipher designed by Hawkes and Rose (2003) and is a member of the SOBER family of ciphers. ... Year 2003 (MMIII) was a common year starting on Wednesday of the Gregorian calendar. ... The SOSEMANUK cipher is a Synchronous Stream Cipher developed by Come Berbain, Olivier Billet, Anne Canteaut, Nicolas Courtois, Henri Gilbert, Louis Goubin, Aline Gouget, Louis Granboulan, Cédric Lauradoux, Marine Minier, Thomas Pornin and Hervé Sibert. ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... 32-bit is a term applied to processors, and computer architectures which manipulate the address and data in 32-bit chunks. ... Structure of Trivium For other uses, see trivia (disambiguation). ... Year 2004 (MMIV) was a leap year starting on Thursday of the Gregorian calendar. ... Intel Pentium 4 (Northwood version), one example out of a huge number of x86 implementations from Intel, AMD, and others. ... A logic gate performs a logical operation on one or more logic inputs and produces a single logic output. ... The EFFs US$250,000 DES cracking machine contained over 1,800 custom chips and could brute force a DES key in a matter of days — the photograph shows a DES Cracker circuit board fitted with several Deep Crack chips. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... Turing is a stream cipher developed by Gregory G. Rose and Philip Hawkes at Qualcomm for CDMA. It is designed to be fast in software and achieves around 5. ... Year 2000 (MM) was a leap year starting on Saturday (link will display full 2000 Gregorian calendar). ... Year 2003 (MMIII) was a common year starting on Wednesday of the Gregorian calendar. ... Intel Pentium 4 (Northwood version), one example out of a huge number of x86 implementations from Intel, AMD, and others. ... VEST (Very Efficient Substitution Transposition) ciphers are a set of families of general-purpose hardware-dedicated ciphers that support single pass authenticated encryption and can operate as collision-resistant hash functions. ... Year 2005 (MMV) was a common year starting on Saturday (link displays full calendar) of the Gregorian calendar. ... This article does not cite any references or sources. ... An Altera Stratix II GX FPGA. A field-programmable gate array is a semiconductor device containing programmable logic components called logic blocks, and programmable interconnects. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... Year 2006 (MMVI) was a common year starting on Sunday of the Gregorian calendar. ... A wake is the region of turbulence immediately to the rear of a solid body caused by the flow of air or water around the body. ... Year 1993 (MCMXCIII) was a common year starting on Friday (link will display full 1993 Gregorian calendar). ... A chosen plaintext attack is any form of cryptanalysis which presumes that the attacker has the capability to choose arbitrary plaintexts to be encrypted and obtain the corresponding ciphertexts. ... A chosen-ciphertext attack (CCA) is an attack model for cryptanalysis in which the cryptanalyst chooses a ciphertext and causes it to be decrypted with an unknown key. ... A key is a piece of information that controls the operation of a cryptography algorithm. ... In cryptography, the key size (alternatively key length) is the size of the digits used to create an encrypted text; it is therefore also a measure of the number of possible keys which can be used in a cipher, and the number of keys which must be tested to break... In cryptography, an initialization vector (IV) is a block of bits that is required to allow a stream cipher or a block cipher executed in any of several streaming modes of operation to produce a unique stream independent from other streams produced by the same encryption key, without having to...

Trivia

• United States National Security Agency documents sometimes use the term combiner-type algorithms, referring to algorithms that use some function to combine a pseudorandom number generator (PRNG) with a plaintext stream.

“NSA” redirects here. ... A pseudorandom number generator (PRNG) is an algorithm to generate a sequence of numbers that approximate the properties of random numbers. ... In cryptography, plaintext is information used as input to an encryption algorithm; the output is termed ciphertext. ...

References

• Matt J. B. Robshaw, Stream Ciphers Technical Report TR-701, version 2.0, RSA Laboratories, 1995 (PDF).
• Thomas Beth and Fred Piper, The Stop-and-Go Generator. EUROCRYPT 1984, pp88-92.

See also

• eSTREAM

eSTREAM is a project to identify new stream ciphers that might become suitable for widespread adoption, organised by the EU ECRYPT network. ...

External Links

• RSA technical report on stream cipher operation.