A self-synchronizing stream cipher
is a stream cipher
where the keystream
is generated as a function of the key and a fixed number of previous ciphertext
The encription function can be described by the following:
Sigmai=( ci-t, ci-(t+1), ... , ci-1),
zi = g(sigmai, k),
ci = h(zi, mi)
where sigma0 is the non-secret initial state, k is the key, g is the function that produces the keystream zi, and h is the output function.
- Self-synchronization, possible to resynch if ciphertext digits are inserted or deleted beacuse it's operating on a fixed number of ciphertext digits.
- Limited error propagation, if the ciphertext block is size t (see above) only t digits are effected if a digit is inserted, changed, or deleted. The stream will resynch on the next block
- active attacks
Property 2 implies that the attacker can corrupt t digits by corrupting a single one in the stream, thereby increasing the likely hood that the attack will be detected. It is a consequence of property 1 that the dection of an insertion, deletion, or replay attack will be harder to detect.
- Diffusion of plaintext statistics