Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Stream Cipher

Training Camp • Cybersecurity Glossary

What is Stream Cipher?

A symmetric cipher that encrypts data one bit or byte at a time by XOR-ing it with a pseudorandom keystream — e.g., ChaCha20 or the deprecated RC4.

Glossary > Cryptography & PKI > Stream Cipher

Stream Cipher — A symmetric cipher that encrypts data one bit or byte at a time by XOR-ing it with a pseudorandom keystream

Understanding Stream Cipher

A stream cipher is a symmetric encryption algorithm that encrypts data continuously, one bit or byte at a time, by combining the plaintext with a pseudorandom keystream — typically via XOR. Unlike block ciphers, which process fixed-size blocks, stream ciphers suit continuous data flows and situations where the total data length is unknown in advance, offering low latency and small footprint.

The core mechanism is a keystream generator: from a secret key and a nonce or initialization vector (IV), it produces a long pseudorandom sequence. Each plaintext bit is XORed with the corresponding keystream bit to produce ciphertext; the receiver regenerates the identical keystream from the same key and nonce and XORs again to recover the plaintext. The security rests entirely on the keystream being unpredictable and never reused — a stream cipher approximates the unbreakable one-time pad but with a practical, computed key.

Stream ciphers matter for real-time and resource-constrained encryption — voice, video, and wireless links — where their speed and minimal buffering shine. Their critical pitfall is keystream reuse: encrypting two messages with the same key and nonce lets an attacker XOR the ciphertexts to cancel the keystream and recover plaintext, which is exactly how flawed nonce handling broke WEP's RC4 usage. They also provide confidentiality but not integrity, so a separate MAC (as in the ChaCha20-Poly1305 AEAD construction) is needed to detect tampering. Because of cryptographic weaknesses, RC4 is now deprecated, while ChaCha20 is widely used in TLS 1.3.

For example, a secure video-conferencing application uses ChaCha20 to encrypt the audio/video stream in real time, generating fresh keystream from a per-session key and a unique nonce for each packet. This delivers confidentiality with minimal latency, while strict nonce management prevents keystream reuse and a companion Poly1305 tag ensures packets have not been altered in transit.

Learn More About Stream Cipher:

Ready to Get Certified?

Stream Cipher is one of the topics you'll master in the Security+ Boot Camp.

Security+ Boot Camp →