Stream Ciphers

Electrical and Computer Engineering Department

Symmetric Key Cryptography

  • Involves cryptographic algorithms that use the same keys for both encryption and decryption.

  • The encryption and decryption keys may be identical, or one may be derived from the other by a transformation.

  • The key is a shared secret between the parties, used to maintain private communication.

  • Generally preferred for bulk encryption due to lower storage requirements and faster transmission.

  • Asymmetric encryption may be used to exchange symmetric keys.

Stream Ciphers

  • Generate pseudorandom bits from a key and encrypt plaintext using XOR with these bits.

  • Applications: mobile phones, Wi-Fi, smart cards, Bluetooth, 4G, and TLS.

  • Key attributes:

    • Stateful vs Counter-based

    • Hardware vs Software

    • Examples of secure ciphers: Grain-128a, Salsa20; insecure ciphers: A5/1, RC4.

Mechanism of Stream Ciphers

  • Stream ciphers produce a pseudorandom stream called keystream from a key and a nonce.

  • The key (128/256 bits) must be secret; the nonce (64-128 bits) needs to be unique but not secret.

  • Encryption: C = P ⊕ KS, where P = plaintext, KS = keystream, and C = ciphertext.

  • Decryption follows the same process using XOR.

Types of Stream Ciphers

  • Stateful: Maintain a secret internal state that evolves during keystream generation.

  • Counter-Based: Generate keystream chunks using a key, nonce, and counter without maintaining internal state.

Feedback Shift Registers (FSRs)

  • Utilized in many stream ciphers due to their simplicity.

  • An array of bits with an update feedback function.

  • Updates use a feedback function to change the state and produce output bits.

  • Short periods in FSRs must be avoided, as they make the output more predictable.

Linear Feedback Shift Registers (LFSRs)

  • FSRs with a linear feedback function, notable for predictability in cryptography.

  • The function can be analyzed using linear complexity and finite fields.

  • Maximal period can be guaranteed with proper feedback polynomials.

  • Secure designs need to maintain complexity, as linearity simplifies attacks.
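
The period and linearity points above, as an added example (not part of the original slides): a 16-bit Fibonacci LFSR in Python that compares a maximal-length tap set with a weak one and checks that the keystream is linear in the initial state. The function names, tap sets and seed values are assumptions chosen for illustration.

```python
# Added example: Fibonacci LFSR over GF(2). Taps are bit indices of the
# state word. All names, tap sets and seeds here are illustrative.

def lfsr_step(state, taps, nbits):
    """Advance one step and return (new_state, output_bit)."""
    fb = 0
    for t in taps:
        fb ^= (state >> t) & 1           # linear feedback: XOR of tapped bits
    out = state & 1                      # the bit shifted out is the keystream bit
    return (state >> 1) | (fb << (nbits - 1)), out

def keystream(state, taps, nbits, count):
    """Return the first `count` output bits produced from `state`."""
    bits = []
    for _ in range(count):
        state, out = lfsr_step(state, taps, nbits)
        bits.append(out)
    return bits

def period(start, taps, nbits):
    """Number of steps until the register returns to `start`."""
    if 0 not in taps:
        # Without tap 0 the update is not invertible, so a state may never recur.
        raise ValueError("tap 0 is required")
    state, steps = start, 0
    while True:
        state, _ = lfsr_step(state, taps, nbits)
        steps += 1
        if state == start:
            return steps

def xor_bits(a, b):
    return [x ^ y for x, y in zip(a, b)]

# Tap set of a primitive degree-16 polynomial: maximal period 2^16 - 1.
GOOD_TAPS = (0, 2, 3, 5)
# s[k+16] = s[k] ^ s[k+8]; x^16 + x^8 + 1 = (x^2 + x + 1)^8 is not primitive.
WEAK_TAPS = (0, 8)

if __name__ == "__main__":
    print("good taps period:", period(0xACE1, GOOD_TAPS, 16))
    print("weak taps period:", period(0x0001, WEAK_TAPS, 16))
    print("all-zero state period:", period(0x0000, GOOD_TAPS, 16))
    a, b = 0xACE1, 0x1234                # constructed seed values
    ks_sum = keystream(a ^ b, GOOD_TAPS, 16, 64)
    ks_xor = xor_bits(keystream(a, GOOD_TAPS, 16, 64),
                      keystream(b, GOOD_TAPS, 16, 64))
    print("keystream is linear in the seed:", ks_sum == ks_xor)
```

The all-zero state never leaves zero, which is why the maximal period is 2^n - 1 rather than 2^n and why an LFSR must not be seeded with zero.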

Nonlinear Feedback Shift Registers (NFSRs)

  • NFSRs utilize a nonlinear feedback function, enhancing security.

  • Determining the period of an NFSR, or whether that period is maximal, is difficult without extensive trials.

Combining LFSRs and NFSRs

  • Grain-128a: Combines 128-bit LFSR and NFSR with a filter function, ensuring a secure keystream generation process.

Specific Stream Ciphers: A5/1 and RC4

  • A5/1: Cryptographically weak cipher used in 2G mobile communications; easily attacked.

  • RC4: Widely used but flawed stream cipher; issues noted in WEP and TLS implementations due to statistical biases.

Salsa20

  • A modern CPU-optimized stream cipher utilizing a counter for keystream generation.

Potential Issues with Stream Ciphers

  • Nonce Reuse: Reusing a nonce with the same key produces the same keystream, leading to vulnerabilities.

  • Broken Implementations: Optimizations may introduce weaknesses.

  • Weak Ciphers in Hardware: Legacy systems may embed weak designs without proper safeguards.