How Secure is Secure? On message and IV lengths for synchronous stream ciphers

Erik Zenner, Martin Boesgaard

Research output: Working paperResearchpeer-review

Abstract

In this paper, we discuss security properties for synchronous stream ciphers. Let the key size and claimed security level be k. Following an initial proposal by Hawkes and Rose [6], we argue that a synchronous stream cipher should encrypt at most 2^(k/2) plaintext blocks before changing the key. We claim further that a synchronous stream cipher should ideally provide for IV sizes of both k/2 and k, with the second size being mandatory. In this context, recent results by Hong and Sarkar [3] are also briefl y discussed.
Original languageEnglish
Publication statusPublished - 2005
Externally publishedYes

Cite this