Lecture 2 - Stream Ciphers Flashcards
Requirement of a one-time pad
OTP needs to be a random bit string as long as the message
What is Shannon’s perfect secrecy?
Seeing the ciphertext, you can’t get any leaked, additional information about the plaintext
When can you say the cipher has perfect secrecy?
If the same key can result in the same ciphertext with equal probability for two different messages.
What type of attack does perfect secrecy prevent?
Ciphertext only attack (but other attacks are possible)
Pros and cons of OTP
Pro: It is unconditionally secure only if the key is truly random Cons: to have perfect secrecy it needs as many key bits as the message length
What about stream ciphers makes OTP practical?
Stream ciphers use a pseudorandom key which is easier to deal with than a truly random key
What is the benefit of stream ciphers?
They encrypt bit by bit so you can encrypt a text of unknown length
How does a stream cipher work?
PRG (pseudorandom generator) creates a key. You XOR the key with the plaintext to get the ciphertext. To revert, you XOR the ciphertext with the key again to cancel out the keys and get back plaintext. (NOTE: this is what makes XOR property so great, you can revert back)
What is a PRG?
Pseudorandom generator (cannot be distinguished from truly random generator)
Can Stream ciphers have perfect secrecy?
No, because of PRG
Two time pad attack
The two ciphers derived from the same key can be XOR-ed to get back m1 XOR m2 (NEVER USE STREAM CIPHER MORE THAN ONCE)
OTP Attack: No integrity
Can easily manipulate ciphertext (it has predictable output on plaintext)
Advantage of 0 vs 1
0 means Cannot distinguish from random, 1 means broke the generator
How can you say a PRG is secure?
If all efficient statistical tests say output looks random
