Stream Ciphers, Randomness and OTP Flashcards
Lecture 3 (12 cards)
What are some key features of Stream Ciphers?
- Encrypt one bit/byte at a time
- Encrypt using modulo 2 addition, also known as XOR
- Encryption and decryption options are identical
How secure is XOR in Stream Ciphers?
XOR is only as secure as the keystream that is generated i.e. if it’s a perfectly randomly generated keystream, then it’s flawless. However, if it isn’t and is used more than twice, then security collapses.
What is pseudo-randomness (PRNGs)?
They are generated values based on a seed
What are CSPRNGs?
They are an alternate variation of PRNGs, which are unpredictable, deterministic and secure
What do CSPRNGs require?
- Next-bit unpredictability i.e. if you know the first bit, you shouldn’t be able to predict the next bit, etc…
- Backtracking resistance i.e. previous communications should still be secure even if future communications are broken
What is unconditional security?
A cryptosystem is unconditionally or information-theoretically secure if it cannot be broken even with infinite computational resources
What is Perfect Secrecy?
The ciphertext should reveal absolutely no information about the plaintext
What is the One-Time-Pad?
The OTP is a type of stream cipher where the keystream is:
- Truly random
- As long as the message
- Used only once
- Kept secret
If all conditions are met, then it provides perfect secrecy.
How is the One-Time-Pad not practical?
- The keystream would need to be the same size as the file e.g. a 1GB file would have a 1GB keystream.
- You cannot ever re-use a keystream
What do modern stream ciphers do to generate their keystreams?
They use an initial seed key to generate an infinite pseudorandom keystream.
What is Crib Dragging?
Crib Dragging is when you take two ciphertexts produced by a stream cipher, and XOR them together to ‘cancel out’ the keystream, leaving the XOR of the two original plaintexts. This only works if the two messages are encrypted using the same OTP keystream.
How do modern stream ciphers use a nonce to generate their keystreams?
They use a nonce to alter the keystream for a given key, thereby allowing for multiple different configurations of keystreams using the same seed. The security requirement then ensures you use a unique key and nonce pair for each communication.
