2 - Stream Ciphers

Question 1

Block Cipher

Answer 1

Split plaintext into blocks of fixed length; encrypt each block with same key

Question 2

Stream Cipher

Answer 2

Works on bit streams and encrypts bits as they come.

Uses less memory/resources

Question 3

Stream Cipher components

Answer 3

Plaintext: m = m1 m2 m3 …
Keystream: k = k1 k2 k3 …
Ciphertext: c = m ⊕ k (bitwise xor)

Question 4

Bitwise XOR

Answer 4

in1 in2 Res
o 0 0
0 1 1
1 0 1
1 1 0

in1 + in2 mod 2

Question 5

Plaintext 1101 0110
Keystream 0011 0101
Has cipher text:

Answer 5

1110 0011

Question 6

Ciphertext 1110 0011
Key stream 0011 0101
Plain text:

Answer 6

1101 0110

bitwise XOR works this way also!

Question 7

What is the issue with bitwse XOR and keystreams?

Answer 7

Plaintext XOR Ciphertext = keystream

Obtaining both plaintext and ciphertext reveals the keystream

Question 8

Why use Bitwise XOR

Answer 8

Easy to decrypt (simple operation)
Easy implementation
- Gates in hardware
- Also simple in software

BUT attacker can determine keystream from plain and ciphertext

Question 9

One-time pad

Answer 9

A stream cipher in which A&B exchange over a secure channel the whole keystream k, which is truly random

A new keystream is used for each message.

Question 10

3 issues with One time pad

Answer 10

Very expensive
- Length of keystream must match length of ALL messages sent
- True random bits must be generated

Question 11

One time pad security

Answer 11

Cannot be broken, even with unlimited resources
- Known ciphertext: Exhaustive keysearch can not distinguish correct plaintext as all keystreams are equally likely (random)
- Known plaintext: Each message uses a new keystream!

Question 12

Pseudo-random number generators

Answer 12

When true randomness is infeasible, use generators (at cost of losing security guarantee of one time pad)

Question 13

How do pseudorandom generators generally work? (Linear Congruential)

Answer 13

1. Start with a seed
   s0 = seed
2. Use a formula like
   s[n] = (a s[n-1] + b) mod M

NOTE: Will cycle - not entirely random. Only M possible numbers and only depends on previous number.

Question 14

Should you generate a random bit sequence in binary?

Answer 14

Very insecure. USe only the least significant bit or another

Question 15

Linear Congruential generator

Where is it used? Is it strong enough?

Answer 15

Commonly used for rand() function in programming.

TOO WEAK FOR cryptographic applications.

Question 16

The same seed with the same generator = same sequence. Why not use the key as the seed?

Answer 16

Hackers observing the seed and figure out the generator

Question 17

Alice and Bob NEED a different seed for each comms section. Solution?

Hint: the key should be unchanged

Answer 17

The seed is made up of two components K and IV.

K = symmetric key, same for each session
IV = Initialisation vector: public, send unencrypted and IV is changed every time.

Concatenate the key and vector to get the seed.

Question 18

Stream ciphers in use

Answer 18

• SNOW and ZUC 4G/5G
• ChaCha20 in TLS1.3
• eStream

Question 19

Uses for Pseudo-random generators

Answer 19

1. Generate keystream
2. Choose keys in any cryptosystem
3. Nonces for preventing replay attacks
4. Session IDs