Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
CompTIA
Security+
Stream ciphers
RoyalTech
[FONT="]While block ciphers make sense without much trouble, I am having trouble with stream ciphers. How is it done? Do they require each bit to be encrypted individually? If so, how is this done without requiring a very large amount of processing overhead? Why is repeating a key create a vulnerability more with stream ciphers than with block ciphers which is how I understand it? Are the keys repeated in a pattern that can be detected which isn't done with the other?
[/FONT]
Find more posts tagged with
Comments
JDMurray
Think of the data in transit as a conveyor belt transporting an endless length of flattened cookie dough. As the dough (the data) travels along with the belt (the communications channel), a cookie cutter (the stream cipher key) is periodically pressed into the dough (a stream cipher is applied to a segment of the data) to make a cookie (a segment of the data encoded with a stream cipher key). The longer the cookie cutter the bigger the cookie and the more secure it is because there will be fewer bigger cookie than smaller cookies.
OK, that last bit really broke my analogy, but it's essentially correct.
Breaking encryption is all about discovering the key used to encrypt the data. Small cipher keys are more easily discovered because they are repeated so frequently in the encrypted stream (lots of cookies to find). A really long key is more difficult to discover because it is much longer and is repeated fewer times in the encrypted data. The best cipher key is as long as the data being encrypted (only one cookie made form all that dough). This is called a
one-time pad
.
Stream cipher - Wikipedia, the free encyclopedia
And for comparison:
http://en.wikipedia.org/wiki/Block_cipher
RoyalTech
The way you explain it, it makes it sound as though a stream cipher is still encrypting blocks of data even though they may be streaming as the encryption takes place.
Also, it seems like you answered my question regarding why repeating a key is a bad thing. It is because the same key is used for the entire stream. My question would then be why does this not have the same effect on a block cipher? Is it because the blocks are much bigger than the "cookies" in a stream cipher?
RoyalTech
I think I misunderstood that a little. In your example, each cookie would be equal to one bit. At the same time, in Wikipedia, it says that the keystream is pseudorandom so it isn't the same key for each. I would think that if the keystream has any significant randomness at all, it would be very difficult to hack even if they were occasionally reused.
JDMurray
A
block
is at rest (i.e., "unmoving") and can be encoded and recoded many times in different ways and even using different keys (see
Substitution box
and
Permutation box
). A
stream
is in transit (i.e., "moving") and cannot be delayed to re-encode it nine way to Sunday. You can use a stream cipher on
blocks
of data, but not a block cipher on
streams
of data. Well, I guess you could use a block cipher on a stream of data, but the usability of the data stream in transit will go all to Hell.
RoyalTech
I understood the difference between a block and a stream but that was helpful nonetheless. I'm going to mull over what you said before I open my mouth again. Thanks!
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
