EPFL Logo
fr|en
Se Connecter
Concept

Stream cipher attacks

Stream ciphers, where plaintext bits are combined with a cipher bit stream by an exclusive-or operation (xor), can be very secure if used properly. However, they are vulnerable to attacks if certain precautions are not followed: keys must never be used twice valid decryption should never be relied on to indicate authenticity Stream ciphers are vulnerable to attack if the same key is used twice (depth of two) or more. Say we send messages A and B of the same length, both encrypted using same key, K. The stream cipher produces a string of bits C(K) the same length as the messages. The encrypted versions of the messages then are: E(A) = A xor C E(B) = B xor C where xor is performed bit by bit. Say an adversary has intercepted E(A) and E(B). They can easily compute: E(A) xor E(B) However, xor is commutative and has the property that X xor X = 0 (self-inverse) so: E(A) xor E(B) = (A xor C) xor (B xor C) = A xor B xor C xor C = A xor B If one message is longer than the other, our adversary just truncates the longer message to the size of the shorter and their attack will only reveal that portion of the longer message. In other words, if anyone intercepts two messages encrypted with the same key, they can recover A xor B, which is a form of running key cipher. Even if neither message is known, as long as both messages are in a natural language, such a cipher can often be broken by paper-and-pencil methods. During World War II, British cryptanalyst John Tiltman accomplished this with the Lorenz cipher (dubbed "Tunny"). With an average personal computer, such ciphers can usually be broken in a matter of minutes. If one message is known, the solution is trivial. Another situation where recovery is trivial is if traffic-flow security measures have each station sending a continuous stream of cipher bits, with null characters (e.g. LTRS in Baudot) being sent when there is no real traffic. This is common in military communications. In that case, and if the transmission channel is not fully loaded, there is a good likelihood that one of the ciphertext streams will be just nulls.

Source officielle
À propos de ce résultat
Cette page est générée automatiquement et peut contenir des informations qui ne sont pas correctes, complètes, à jour ou pertinentes par rapport à votre recherche. Il en va de même pour toutes les autres pages de ce site. Veillez à vérifier les informations auprès des sources officielles de l'EPFL.
Cours associés (2)
COM-401: Cryptography and security
This course introduces the basics of cryptography. We review several types of cryptographic primitives, when it is safe to use them and how to select the appropriate security parameters. We detail how
COM-301: Computer security and privacy
This is an introductory course to computer security and privacy. Its goal is to provide students with means to reason about security and privacy problems, and provide them with tools to confront them.

Copyright © 2025 EPFL, tous droits réservés

Graph Chatbot

Chattez avec Graph Search

Posez n’importe quelle question sur les cours, conférences, exercices, recherches, actualités, etc. de l’EPFL ou essayez les exemples de questions ci-dessous.

AVERTISSEMENT : Le chatbot Graph n'est pas programmé pour fournir des réponses explicites ou catégoriques à vos questions. Il transforme plutôt vos questions en demandes API qui sont distribuées aux différents services informatiques officiellement administrés par l'EPFL. Son but est uniquement de collecter et de recommander des références pertinentes à des contenus que vous pouvez explorer pour vous aider à répondre à vos questions.