The most common security threats are an electronic payments system, e-cash,

data misuse, credit/debit card frauds, etc. Security threats can be many
like Software attacks, theft of intellectual property, identity theft, theft of
equipment or information, sabotage, and information extortion

What is a stream cipher?

A stream cipher is a method of encrypting text (to produce ciphertext) in which a
cryptographic key and algorithm are applied to each binary digit in a data stream,
one bit at a time. The main alternative method to stream cipher is, in fact, the block
cipher, where a key and algorithm are applied to blocks of data rather than
individual bits in a stream.

How does a stream cipher work?

A stream cipher is an encryption algorithm that uses a symmetric key to encrypt
and decrypt a given amount of data. A symmetric cipher key, as opposed to an
asymmetric cipher key, is an encryption tool that is used in both encryption and
decryption. Asymmetric keys will sometimes use one key to encrypt a message and
another to decrypt the respective ciphertext.

What makes stream ciphers particularly unique is that they encrypt data one bit, or
byte, at a time. Basic encryption requires three main components:

1. a message, document or piece of data

2. a key
3. an encryption algorithm

The key typically used with a stream cipher is known as a one-time pad.
Mathematically, a one-time pad is unbreakable because it's always at least the
exact same size as the message it is encrypting.
 A stream cipher is a cryptographic cipher to convert (encrypt) text to produce
ciphertext and back.

Cryptographers also refer to the symmetric key used in a stream cipher as

a keystream. This is because Person A could opt to create a pseudo-random cipher
digit stream, or keystream, using a key that is smaller than the size of
the plaintext file. Furthermore, to avoid having to create a larger keystream, users
can use a cryptographic number generator to create a larger keystream from a
smaller, pseudo-random key.

Here, Person A decides to use a 4-bit key to encrypt a 10-bit message. To do that,
they must first use an initialization vector (IV) to generate a random seed value.
Placing this seed value into a cryptographic number generator, Person A can create
a pseudo-random keystream that matches the size of their desired plaintext file.

The quality of the number generator contributes to the randomness and security of
the ciphertext, however. Lower-end cryptographic number generators can
sometimes have patterns that malicious users, or hackers, can identify and use to
decrypt the ciphertext.

After the user has created the keystream, the stream cipher combines the keystream
with the corresponding digits of the plaintext using the exclusive-or (XOR)
operator. The XOR operator creates new binary values, which make up the
ciphertext. It generates these values by comparing bits in the plaintext and the
keystream that share the same position.
For example, the first bit in Person A's 10-bit message will be XOR-ed with the
first bit of the keystream. If the two digits are the same, the XOR operator will
produce a zero. If the two are different -- i.e., a combination of 1 and 0 -- the XOR
operator will produce a 1. This is part of what makes stream cipher encryption so
fast.

Once each bit of data has been XOR-ed by the stream cipher, it will produce an
unreadable ciphertext message.Decryption of the ciphertext can happen in a
manner similar to how the plaintext encryption occurs. This time, instead of the
data and keystream being XOR-ed, the ciphertext and the keystream are XOR-
ed.Stream ciphers users should not use the same IV more than once, however, to
maximize the security of this process
A stream cipher is a type of symmetric, as opposed to asymmetric, encryption.

The advantages and disadvantages of using a stream cipher

Speed of encryption tops the list of advantages for stream ciphers. Once a stream
cipher makes a key, the encryption and decryption process is almost instantaneous.
This is largely due to the simplicity of operation, a basic XOR function using two
distinct data bits. Also, for this reason, the hardware complexity of a stream cipher
is quite low -- meaning a wider range of technologies can facilitate this mode of
operation.

Another advantage of using stream ciphers is the ability to decrypt selected

sections of ciphertext. Since each bit of data in the ciphertext corresponds with
plaintext data in the same position, users can decrypt ciphertext for part of a
document rather than the entire file. If Person A, for example, wanted to retrieve
the original plaintext data for just the first five bits, they would only need to
decrypt the first five bits of the ciphertext.

The positional alignment among the plaintext, keystream and ciphertext is a

significant security vulnerability of stream ciphers. If the encryption process does
not use a hashing algorithm or IV during the encryption process, a hacker who
obtains a segment of plaintext and its respective ciphertext will be able to deduce
the keystream used by the process.

This is why cryptographers refer to stream ciphers as having low diffusion,

meaning the plaintext and ciphertext are not vastly different from each other.

Confusion vs. diffusion

Evaluate encryption methods using two main criteria: confusion and diffusion.

Confusion contributes to the ambiguity of the ciphertext -- i.e., the methods used
to complicate the relationship between the plaintext and the ciphertext.

Diffusion, on the other hand, refers to how well the encryption hides these
complex, or simple, relationships. For example, a standard for diffusion is that at
least 50% of the ciphertext should change when a cipher alters a single bit of
plaintext. Encryption operations with low diffusion are less secure than those with
high diffusion.

What Is a Block Cipher?

As the name would imply, a block cipher is one that allows you to use a key to
encrypt data in big ol’ groups (blocks) of a pre-determined size (such as 128 bits,
256 bits, etc.). So, what this does is allow you to encrypt all the data in a block as a
single unit. For example, let’s say you have the message: “For the Alliance.”
(Don’t hate, Horde fans. Your time will come.)

If you want to encrypt that using a block cipher, the plaintext message would be
broken down into smaller blocks of binary. So, “For the Alliance” would look
something like this:
010001100110111101110010001000000111010001101000011001010010000001
000001011011000110110001101001011000010110111001100011011001010010
1110

Now, if we break these 136 binary digits into blocks of, say, 4 digits, it divides
nicely because 4 goes into 136 a total of 32 times. The blocks would look
something like this:

But what do you do if the there isn’t enough data to form a complete block? Like,
say, if you had 138 binary digits instead of 136 (meaning you’d have an
incomplete last data block)? Then what you can do is add padding (this could be a
set number of 0s) to the end of the block to ensure the block is that fixed size.
 A basic diagram that showcases how a block cipher works.

Block cipher example: This simplified version of a block cipher illustrates how
block ciphers work overall. It’s similar in design to how the ECB mode of
operation works, which you’ll learn more about a little later in this article.

Depending on the mode of operation you use (we’ll explain that more shortly), the
blocks are then “chained” together, which enables the blocks to be connected
sequentially. In some cases, block ciphers can operate as stream ciphers based on
their modes of operation. This is because they take on certain properties due to
those modes, which we’ll discuss later in the article.
 A basic block cipher that uses a chaining operation (illustrated with the orange
connecting arrows). In this case, this is akin to a simplified example of a CBC
block cipher mode of operation. Yes, I know, this illustration is lacking the
initialization vector and XORing. But, again, this is supposed to be a simplified
version that just intends to showcase the chaining of one data block to the next.

Examples of Block Ciphers

 Data Encryption Standard (DES),

 Triple DES (3DES or TDEA),
 Advanced Encryption Standard (AES),
 International Data Encryption Algorithm (IDEA),
 Blowfish,
 Twofish, and
 RC5Download the Checklist

What Is a Stream Cipher?

A stream cipher is a cipher that encrypts (and decrypts) with the flow — the data
flow, that is. Unlike block ciphers, which require the formation of blocks prior to
 encryption, stream ciphers encrypt data in long, pseudorandom streams. Basically,
this means you can process one bit of data at a time instead of waiting for a data
block to form.

1. Synchronous stream ciphers (aka key auto-key, or KAK) — These types of

ciphers generate keystreams independently of any previous plaintext or ciphertexts.
2. Self-synchronizing stream ciphers (aka asynchronous stream ciphers,
ciphertext autokey or CTAK) — These ciphers, on the other hand, rely on
previous ciphertext bits to generate keystreams.

How Stream Ciphers Work

So, how does a stream cipher actually work in a more technical sense? As
mentioned earlier, a stream cipher encrypts data one bit at a time instead of in
blocks. But a key part of this process is generating a stream of pseudorandom bits
based on an encryption key and a seed, aka a nonce (a unique randomly generated
number — “nonce” = number-only-used-once). Together, they create a keystream
(that stream of pseudorandom bits we just mentioned) that gets XORed with your
plaintext input, which encrypts it and results in your ciphertext output.
 Stream
cipher example: This is a basic illustration to showcase the basic operations of a
stream cipher.

To better understand this, let’s walk through an example. Let’s consider an

alternative phrase to the example we used earlier: “For the Horde!” (See? I haven’t
forgotten you guys.) The binary version of this plaintext message would look like
this:

010001100110111101110010001000000111010001101000011001010010000001
0010000110111101110010011001000110010100100001

So, if we use a stream cipher to encrypt the message, we’ll do so one bit at a time.
So, the plaintext data would be broken down into individual bits, which would look
something like this:
 Yeah, take a moment to let your eyes adjust after reading that, uh, colorful graphic.

So, the next step here would be to generate the sequence of pseudorandom bits
(i.e., the keystream). This is typically based on an internal state.

Once you have your keystream, you XOR the pseudorandom bits with the binary
of your plaintext message. Thinking back to the XOR table from earlier, this means
that if the first bit of the plaintext message was 1 and the first bit for the keystream
was a 0, then the output would be a 1. If the second bit of the plaintext message
was another 1 and the first bit of the keystream was also a 1, then the output would
also be a 0. Get it? Yeah, that’s basically how a stream cipher works.

Stream algorithms are faster and more efficient than block ciphers because they’re
encrypting only one bit of data at a time into individual symbols rather than entire
blocks. So, they’re better suited for devices that have fewer resources. Also, as a
result of this single-bit-of-data approach, it means that if there’s an error in one
symbol, it’ll be less likely to affect the next. However, some stream ciphers are
vulnerable to bit-flipping attacks and key reuse attacks.

A very basic example of a stream cipher is the Caesar cipher, which is a cipher that
that substitutes one character with another individually. But that’s a really archaic
and outdated example of a cipher. So, what sorts of stream ciphers can we find in
use today?

Examples of Stream Ciphers

 Salsa20 (software and hardware implementations),

 ChaCha20 (the modified version of Salsa20; ChaCha20 is supported in TLS 1.3),
 RC4 (for wireless networks), and
 A5 (for GSM cellular networks).
Block Cipher Modes of Operation
Remember how we mentioned that some block ciphers can operate as stream
ciphers? This is possible through specific modes of operation, which include CFB,
OFB, and CTR — all of which we’re going to talk about shortly. However, it’s
important to note that stream ciphers can’t convert into or operate as block
ciphers. It’s kind of like how caterpillars transform into butterflies but not vice
versa.

1. Electronic Codebook (ECB) Mode

2. Cipher Block Chaining (CBC) Mode

This operation mode is slow. This mode of operation is susceptible to padding
attacks and manipulation

3. Cipher Feedback (CFB) Mode

4. Output Feedback (OFB) Mode

5. Counter (CTR) Mode

Block Ciphers Stream Ciphers

Symmetric key ciphers are stateful

Symmetric key ciphers that encrypt and decrypt
ciphers that encrypt and decrypt data
data in fixed-size blocks.
bit-by-bit.

Slower processing. Faster processing.

Require more resources. Require fewer resources.

Can take on stream cipher properties through

Cannot take on block cipher properties.
certain modes of operation.

Rely on stateless and stateful modes of

operation, which include ECB, CBC, CFB, Can be synchronous or asynchronous.
OFB, CTR, GCM, and XTS.

Used for some data in-transit

Used nearly everywhere. encryption, including in some
SSL/TLS cipher suites.