Skip to content

Stream Ciphers

Rio edited this page Oct 19, 2019 · 11 revisions

Stream ciphers are obsoleted and will be removed soon. New users must use AEAD ciphers.

Name Key Size IV Length
aes-128-ctr 16 16
aes-192-ctr 24 16
aes-256-ctr 32 16
aes-128-cfb 16 16
aes-192-cfb 24 16
aes-256-cfb 32 16
camellia-128-cfb 16 16
camellia-192-cfb 24 16
camellia-256-cfb 32 16
chacha20-ietf 32 12
bf-cfb 16 8
chacha20 32 8
salsa20 32 8
rc4-md5 16 16

Stream Encryption/Decryption

Stream_encrypt is a function that takes a secret key, an initialization vector, a message, and produces a ciphertext with the same length as the message.

Stream_encrypt(key, IV, message) => ciphertext

Stream_decrypt is a function that takes a secret key, an initializaiton vector, a ciphertext, and produces the original message.

Stream_decrypt(key, IV, ciphertext) => message

The key can be input directly from user or generated from a password. The key derivation is following EVP_BytesToKey(3) in OpenSSL. The detailed spec can be found here: https://wiki.openssl.org/index.php/Manual:EVP_BytesToKey(3)

TCP

A stream cipher encrypted TCP stream starts with a randomly generated initializaiton vector, followed by encrypted payload data.

[IV][encrypted payload]

UDP

A stream cipher encrypted UDP packet has the following structure

[IV][encrypted payload]

Each UDP packet is encrypted/decrypted independently with a randomly generated initialization vector.

Clone this wiki locally