How Stream Ciphers Work

Yesterday I kicked off the topic of symmetric encryption by talking about block ciphers. Stream ciphers are another common pattern for symmetric encryption algorithm. Unlike block ciphers that operate on chunks of input text, a stream cipher operates on a byte-at-a-time basis using an input stream.  Actually, a stream cipher works using two data streams. The first data stream is the stream of input text. The second data stream is the stream of key data. The key data stream is generated by a function whose seed is the encryption key.

Encryption works by taking a byte (or similarly sized piece) from the input stream and a byte from the key stream and combining them using some function. Typically, that function is a really simple one, such as exclusive-or. Security is provided by making the key stream hard to guess rather than making the algorithm complex. Decryption works in reverse by taking a byte from the encrypted stream and a byte from the same key stream to return the byte from the input stream. This works because the generated key stream is always the same for a particular encryption key and the encryption function has a simple reverse operation (itself).

Stream ciphers are very simple but have more obvious weaknesses than the block ciphers we looked at yesterday. Stream ciphers are susceptible to targeted tampering of the message because changes to the text are narrowly scoped. Flipping a single bit in the encrypted text won't affect any of the surrounding text when the message is decoded. Flipping that same bit with a block cipher affects all of the bits in that block.

There are also several attack methods if you reuse portions of the key stream for multiple messages. Since an encryption key can only generate a limited amount of key stream, safely encrypting more text requires exchanging more encryption key bits. Most of the commonly used algorithms for symmetric encryption are block ciphers.