Cryptography
 Computer Science Computer Catlog Cryptography Catlog

 Caesar Cipher Digital Signature Public key cryptography Symmetric vs. public-key Key Management Stream Ciphers Self-Synchronizing Ciphers Feedback Shift Registers Modes of Operation Multiple Encryption Transposition Ciphers Substitution Ciphers Poly-alpha Substitutions Poly-alpha Cipher Machine Cryptanalysis Ciphers Data Encryption Standard DES Algorithm IDEA Algorithm RC5 Algorithm RSA Encryption Rabin Encryption ElGamal Encryption MD4 & MD5 Secure Hash Algorithm Kerberos Authentication Diffie-Hellman protocols Key Management Life Cycle

## Synchronous Stream Ciphers

A synchronous stream cipher is one in which the key stream is generated independently of the plaintext message and of the ciphertext. The encryption process of a synchronous stream cipher can be described by the equations

ði+1 = f(ði; k);

zi = g(ði; k);

ci = h(zi;mi);

where ð0 is the initial state and may be determined from the key k, f is the next-state function, g is the function which produces the keystream zi, and h is the output function which combines the keystream and plaintext mi to produce ciphertext ci. The OFB mode of a block cipher is an example of a synchronous stream cipher.

(i) Synchronization Requirements. In a synchronous stream cipher, both the sender and receiver must be synchronized - using the same key and operating at the same position (state) within that key - to allow for proper decryption. If synchronization is lost due to ciphertext digits being inserted or deleted during transmission, then decryption fails and can only be restored through additional techniques for re-synchronization. Techniques for re-synchronization include re-initialization, placing special markers at regular intervals in the ciphertext, or, if the plaintext contains enough redundancy, trying all possible keystream offsets.

(ii) No Error Propagation. A ciphertext digit that is modified (but not deleted) during transmission does not affect the decryption of other ciphertext digits.

(iii) Active Attacks. As a consequence of property

(a), the insertion, deletion, or replay of ciphertext digits by an active adversary causes immediate loss of synchronization, and hence might possibly be detected by the decryptor. As a consequence of property

(b), an active adversary might possibly be able to make changes to selected ciphertext digits, and know exactly what affect these changes have on the plaintext. This illustrates that additional mechanisms must be employed in order to provide data origin authentication and data integrity guarantees.

Most of the stream ciphers that have been proposed to date in the literature are additive stream ciphers, which are defined below.