Stream Ciphers

January 11, 2021 by Nitesh Malviya

Encryption and Decryption

Encryption is the process of converting plaintext to encrypted text. Since encrypted text cannot be read by anyone, encrypted text hides the original data from unauthorized users. Decryption is the process of converting encrypted data to plaintext. Basically, it is the reverse of encryption. It is used to decrypt the encrypted data so that only an authorized user can access and read the data. The process entailing encryption and decryption together is called cryptography.

Private and Public Keys in Cryptography

A key is a bit valued string which is used to convert the plaintext into cipher text and vice-versa. A key can be a word, number or phrase. Cryptography makes use of public and private keys. A public key is issued publicly by the organization and it is used by the end user to encrypt the data. The encrypted data, once received by the organization, is decrypted by using a private key and the data is converted to plaintext.

Encryption Types

Cryptography uses symmetric and asymmetric encryption for encryption and decryption of data. If the sender and the recipient of the data use the same key to encrypt and decrypt the data, it’s called symmetric encryption and if the keys are different for encryption and decryption then its asymmetric encryption. 

Now the basics are clear, let’s focus on the Stream Ciphers algorithm in this post.

Stream Ciphers

Stream Ciphers falls under the Symmetric Encryption category. Thus, using Stream Ciphers the sender and the recipient of the data uses the same key to encrypt and decrypt the data. 

Stream cipher is different from Block Cipher. In stream cipher one byte (8 bit) of data is encrypted at a time while in Block Cipher, a block of data is encrypted at a time (usually 128 bits).


Stream Ciphers make use of something called keystream. Keystream is a random 8-bit output which is generated by supplying a key to a pseudorandom bit generator. The 8 bit output generated is called keystream and is used in encryption and decryption of data in a given stream cipher algorithm.



  1. For encryption, plain text and keystream is required.
  2. The plain text and keystream produce cipher text using XOR Operation.
  3. Plain text is XOR’ed with keystream bit by bit to produce CipherText.


Plain Text : 10011001

Keystream  : 11000011


Cipher Text : 01011010


Steps – 

  1. For decryption, cipher text and the same keystream is required which was used for encryption.
  2. The cipher text and the keystream produce plain text using XOR Operation.
  3. Ciphertext is XOR’ed with keystream bit by bit to produce PlainText.


Cipher Text : 01011010

Keystream   : 11000011


Plain Text  : 10011001


Popular Stream Ciphers

Following are the popular stream ciphers used for encrypting the data – 

  • RC4 – It stands for Rivest Cipher 4 and is the most widely used Stream Ciphers of all. It has been used in various protocols like WEP, WPA and TLS.

Block Cipher and Stream Cipher differences

Following are the differences between Block Cipher and Stream Cipher in tabulated form – 


Block Ciphers Stream Ciphers
Block Ciphers converts plain text to cipher text by taking a block at a time Stream Ciphers converts plain text to cipher text by taking 1 byte of plain text at a time
Block Ciphers encrypt 64 bits or more at a time Stream Ciphers encrypt 8 bits at a time.
It is more simple than Stream Ciphers It is more complex than Block Ciphers
It uses confusion as well as diffusion. It uses only confusion.
Reverse Encryption is harder Reverse Encryption is very simple
Slower than stream cipher Faster than block cipher
It works on transposition techniques like Caesar cipher, polygram substitution cipher etc. It works on substitution techniques like rail-fence technique, columnar transposition technique etc.



Posted: January 11, 2021
Articles Author
Nitesh Malviya
View Profile

Nitesh Malviya is a Security Consultant. He has prior experience in Web Appsec, Mobile Appsec and VAPT. At present he works on IoT, Radio and Cloud Security and open to explore various domains of CyberSecurity. He can be reached on his personal blog – and Linkedin –