Purpose of 4 keystreams

[zak100]

Consider the following pseudo-WEP protocol. The key is 4 bits and the IV is 2 bits. The IV is appended to the end of the key when generating the keystream. Suppose that the shared  secret key is 1010. The keystreams for the four possible inputs are as follows:

101000: 0010101101010101001011010100100 . . .

101001: 1010011011001010110100100101101 . . .

101010: 0001101000111100010100101001111 . . .

101011: 1111101010000000101010100010111 . . .

Suppose all messages are 8 bits long. Suppose the ICV (integrity check) is 4 bits long, and is calculated by XOR-ing the first 4 bits of data with the last 4 bits of data. Suppose the pseudo-WEP packet consists of three fields: first the IV field, then the message field, and last the ICV field, with some of these fields encrypted.

I found the following solution: 

a. We want to send the message m=10100000 using the IV=11 and using WEP. What will be the values in the three WEP fields?

Since IV = 11, the key stream is 111110100000 ……….

 

Given, m = 10100000

Hence, ICV = 1010 XOR 0000 = 1010

The three fields will be:

IV: 11

Encrypted message: 10100000 XOR 11111010 = 01011010

Encrypted ICV: 1010 XOR 0000 = 1010

What is the purpose of the key stream?

Somebody please guide me.

 

Zulfi.

[fiveworlds]

Quote

What is the purpose of the key stream?

Historically there was the idea of the enigma machine. This allowed you to make simple string replacements using a particular setting or key. If you had the key then you could decrypt the message encrypted by enigma. This was a bit insecure, at the time character -> character mappings worked relatively well eg A = C, D=K and so on as computers became more powerful they could easily decrypt such messages therefore a more powerful method of encryption was required.

The new method involved using complex maths/pseudo-random number generators to create a set of replacements based on a key which was called the keystream. Instead of single character -> character replacements it instead made replacements based on an array index (determined by some algorithm) in the set of replacements so given the keystream { A, F, G, I, K } . The first letter in the message would undergo some operation with the some letter in the keystream and so on until you have an encrypted message. So if you and I had the key and the generator we could send encrypted messages to each other. This was still insecure, if for instance you were attacked by an enemy they could send encrypted messages pretending to be me. Modern generators will use the idea of a public and private key. The public key can generate the keystream to decrypt messages. The private key can generate the keystream to encrypt messages. 

One thing to note is that the keysteam + generator/function must always create 1-1 mappings between characters for encryption e.g. A->G, B -> D. If you have anything greater than 1-1 mappings e.g. AK -> G and BG->G you have what is known as a hash which isn't easily reversible. Hashing is usually used for passwords to ensure that a hacker cannot get access to login information if they manage to hack a database somehow.

Edited July 2, 2020 by fiveworlds