Stream Cipher
What is Stream Cipher?
Stream CipherA symmetric cipher that encrypts data one bit or byte at a time by XORing it with a pseudorandom keystream derived from a key and nonce.
A stream cipher generates a pseudorandom keystream from a secret key and a nonce (initial value), then XORs that stream byte-by-byte with the plaintext. Decryption regenerates the same keystream and XORs it with the ciphertext. Stream ciphers are well suited to streaming and resource-constrained environments because they have no block boundary and minimal state. Modern designs such as ChaCha20 and Salsa20 are software-friendly, fast, and constant-time, while older designs like RC4 are now broken and forbidden by TLS, WPA, and most standards. The cardinal rule of stream ciphers is never to reuse a (key, nonce) pair: two messages encrypted with the same keystream leak their XOR, which often suffices to recover both plaintexts. They are therefore typically used in authenticated modes such as ChaCha20-Poly1305.
● Examples
- 01
ChaCha20-Poly1305 is the dominant modern stream-cipher AEAD in TLS 1.3 and QUIC.
- 02
RC4 was historically used in WEP and SSL/TLS but is now disallowed.
● Frequently asked questions
What is Stream Cipher?
A symmetric cipher that encrypts data one bit or byte at a time by XORing it with a pseudorandom keystream derived from a key and nonce. It belongs to the Cryptography category of cybersecurity.
What does Stream Cipher mean?
A symmetric cipher that encrypts data one bit or byte at a time by XORing it with a pseudorandom keystream derived from a key and nonce.
How do you defend against Stream Cipher?
Defences for Stream Cipher typically combine technical controls and operational practices, as detailed in the full definition above.