Stream ciphers

RoyalTechRoyalTech Member Posts: 94 ■■□□□□□□□□
[FONT=&quot]While block ciphers make sense without much trouble, I am having trouble with stream ciphers. How is it done? Do they require each bit to be encrypted individually? If so, how is this done without requiring a very large amount of processing overhead? Why is repeating a key create a vulnerability more with stream ciphers than with block ciphers which is how I understand it? Are the keys repeated in a pattern that can be detected which isn't done with the other?
[/FONT]

Comments

  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,671 Admin
    Think of the data in transit as a conveyor belt transporting an endless length of flattened cookie dough. As the dough (the data) travels along with the belt (the communications channel), a cookie cutter (the stream cipher key) is periodically pressed into the dough (a stream cipher is applied to a segment of the data) to make a cookie (a segment of the data encoded with a stream cipher key). The longer the cookie cutter the bigger the cookie and the more secure it is because there will be fewer bigger cookie than smaller cookies.

    OK, that last bit really broke my analogy, but it's essentially correct.

    Breaking encryption is all about discovering the key used to encrypt the data. Small cipher keys are more easily discovered because they are repeated so frequently in the encrypted stream (lots of cookies to find). A really long key is more difficult to discover because it is much longer and is repeated fewer times in the encrypted data. The best cipher key is as long as the data being encrypted (only one cookie made form all that dough). This is called a one-time pad.

    Stream cipher - Wikipedia, the free encyclopedia

    And for comparison: http://en.wikipedia.org/wiki/Block_cipher
  • RoyalTechRoyalTech Member Posts: 94 ■■□□□□□□□□
    The way you explain it, it makes it sound as though a stream cipher is still encrypting blocks of data even though they may be streaming as the encryption takes place.

    Also, it seems like you answered my question regarding why repeating a key is a bad thing. It is because the same key is used for the entire stream. My question would then be why does this not have the same effect on a block cipher? Is it because the blocks are much bigger than the "cookies" in a stream cipher?
  • RoyalTechRoyalTech Member Posts: 94 ■■□□□□□□□□
    I think I misunderstood that a little. In your example, each cookie would be equal to one bit. At the same time, in Wikipedia, it says that the keystream is pseudorandom so it isn't the same key for each. I would think that if the keystream has any significant randomness at all, it would be very difficult to hack even if they were occasionally reused.
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,671 Admin
    A block is at rest (i.e., "unmoving") and can be encoded and recoded many times in different ways and even using different keys (see Substitution box and Permutation box). A stream is in transit (i.e., "moving") and cannot be delayed to re-encode it nine way to Sunday. You can use a stream cipher on blocks of data, but not a block cipher on streams of data. Well, I guess you could use a block cipher on a stream of data, but the usability of the data stream in transit will go all to Hell.
  • RoyalTechRoyalTech Member Posts: 94 ■■□□□□□□□□
    I understood the difference between a block and a stream but that was helpful nonetheless. I'm going to mull over what you said before I open my mouth again. Thanks!
Sign In or Register to comment.