A self-synchronizing stream cipher is a stream cipher where the keystream is generated as a function of the key and a fixed number of previous ciphertext digits.

The encription function can be described by the following:
Sigmai=( ci-t, ci-(t+1), ... , ci-1),
zi = g(sigmai, k),
ci = h(zi, mi)
where sigma0 is the non-secret initial state, k is the key, g is the function that produces the keystream zi, and h is the output function.


  1. Self-synchronization, possible to resynch if ciphertext digits are inserted or deleted beacuse it's operating on a fixed number of ciphertext digits.
  2. Limited error propagation, if the ciphertext block is size t (see above) only t digits are effected if a digit is inserted, changed, or deleted. The stream will resynch on the next block
  3. active attacks
    Property 2 implies that the attacker can corrupt t digits by corrupting a single one in the stream, thereby increasing the likely hood that the attack will be detected. It is a consequence of property 1 that the dection of an insertion, deletion, or replay attack will be harder to detect.
  4. Diffusion of plaintext statistics