How Secure is Secure? On message and IV lengths for synchronous stream ciphers

Erik Zenner, Martin Boesgaard

Research output: Working paperResearchpeer-review


In this paper, we discuss security properties for synchronous stream ciphers. Let the key size and claimed security level be k. Following an initial proposal by Hawkes and Rose [6], we argue that a synchronous stream cipher should encrypt at most 2^(k/2) plaintext blocks before changing the key. We claim further that a synchronous stream cipher should ideally provide for IV sizes of both k/2 and k, with the second size being mandatory. In this context, recent results by Hong and Sarkar [3] are also briefl y discussed.
Original languageEnglish
Publication statusPublished - 2005
Externally publishedYes

Cite this