Content deleted Content added
Tags: Mobile edit Mobile web edit |
→top: "half an hour" is incorrect: with (2^32) blocks, 64 bits per block, 8 MB (8388608 bytes) per second, and 8 bits per byte, the average number of seconds is ((2^32)*64)/(8388608*8), or 4096 seconds, which is roughly 1.14 hours. Tags: Mobile edit Mobile app edit Android app edit App full source |
||
Line 65:
Securely using a secure synchronous stream cipher requires that one never reuse the same keystream twice. That generally means a different [[Cryptographic nonce|nonce]] or key must be supplied to each invocation of the cipher. Application designers must also recognize that most stream ciphers provide not ''authenticity'' but ''privacy'': encrypted messages may still have been modified in transit.
Short periods for stream ciphers have been a practical concern. For example, 64-bit block ciphers like [[Data Encryption Standard|DES]] can be used to generate a keystream in [[output feedback]] (OFB) mode. However, when not using full feedback, the resulting stream has a period of around 2<sup>32</sup> blocks on average; for many applications, the period is far too low. For example, if encryption is being performed at a rate of 8 [[megabyte]]s per second, a stream of period 2<sup>32</sup> blocks will repeat after about
Some applications using the stream cipher [[RC4]] are attackable because of weaknesses in RC4's key setup routine; new applications should either avoid RC4 or make sure all keys are unique and ideally [[related key|unrelated]] (such as generated by a well-seeded [[Cryptographically secure pseudorandom number generator|CSPRNG]] or a [[cryptographic hash function]]) and that the first bytes of the keystream are discarded.
| |||