Cryptography Reference
In-Depth Information
3.6
Stream Ciphers
Some people seem to think that stream ciphers are bad in some way. Not at
all! Stream ciphers are extremely useful, and do their work very well.
Neils Ferguson and Bruce Schneier
— from Practical Cryptography (see [85, page 73])
Up to this juncture, we have studied the first kind of symmetric-key cryp-
tosystem, the block cipher . This section is devoted to the second kind, stream
ciphers . First, we need the following.
Keystreams, Seeds, and Generators
is the keyspace for a set of enciphering transformations, then a sequence
k 1 k 2 ··· ∈ K
If
K
is called a keystream . A keystream is either randomly chosen, or
is generated by an algorithm, called a keystream generator , which generates
the keystream from an initial small input keystream called a seed . Keystream
generators that eventually repeat their output are called periodic .
Finding sources of truly random numbers is a di0cult task at best. In
fact, it is impossible to generate arbitrarily long bitstrings and prove they are
random. Hence, we settle for what computers can give us. Pseudorandom
(recall the discussion on page 83) number generators (PRNG)s are a topic for
an entire text. However, we will not be concerned with the intricacies of such
investigations. We will assume that we have at our disposal a cryptographically
secure pseudorandom number generator (CSPRNG) ; see Appendix B on page
506.
Cryptographically Secure Pseudorandom Number Generators
A bit-producing number generator algorithm is a CSPRNG if the sequences
of bits produced satisfy the following properties.
1. The sequence of bits must be statistically random. One way of stating
this mathematically is that no polynomial-time algorithm can distinguish
the output of this number generator from that of a truly random num-
ber generator with probability greater than 1 / 2. This makes the number
generator a PRNG.
2. For every given output bit, the next output bit must be computationally
infeasible (see page 99) to predict, even given knowledge of all previous
bits, knowledge of the algorithm being used, and knowledge of the hard-
ware. This is the property that make the PRNG cryptographically secure ,
so this turns it into a CSPRNG.
With truly random sequences of numbers, each number is statistically inde-
pendent of other numbers in the sequence, so they are unpredictable. However,
with PRNGs, care must be taken to ensure that they are cryptographically se-
cure , namely, that they are unpredictable in the sense of property 2 above. We
Search WWH ::




Custom Search