A

stream cipher where the

keystream is generated independently of the

plaintext message.

The equation for a synchronous cipher is:

let

sigma_{i+1}=f(sigma_{i}, k ),

*z*_{i}=g( sigma_{i}, k ),

*c*_{i}=h( *z*_{i}, *m*_{i}),

where:
sigma_{0} is the initial state determined from the key *k*, *f* is the next state function, *g* is the function which produces the keystream *z*_{i}, and *h* is the output function which combines the keystream and the plaintext to produce the ciphertext *c*_{i}.

Properties of synchronous stream ciphers

- Both the sender and the receiver must be synchronized, eg. using the same key and position in that key.
- No error propagation, a modified ciphertext digit (not deleted) has no effect on other digits in the ciphertext
- Active attacks:

Because of the first property, the insertion, deletion, or replay of ciphertext digits by an active adversary causes immediate loss of synchronization.

An active attacker might possibly attack select ciphertext digits and know exactly what effect those changes have on the plaintext.

Many of these are

Additive Stream Ciphers