Quiz Entry - updated: 2026.07.14
What is the difference between a stream cipher and a block cipher?
A stream cipher encrypts the message bit by bit (typically by XOR with a key stream). A block cipher splits the message into fixed-size blocks and encrypts each block.
| Stream cipher | Block cipher | |
|---|---|---|
| Granularity | One bit (or byte) at a time | Fixed-size blocks (e.g. AES = 128 bits) |
| Encryption op | Usually m ⊕ keystream (XOR) |
A keyed permutation per block |
| Key length | Typically as long as the message (or expanded from a short seed via a PRG) | Short fixed key (128/192/256 bits) |
| Padding | Not needed | Required if message isn't a multiple of block size |
| Examples | RC4 (broken), ChaCha20 | AES, DES (broken), 3DES (obsolete), Blowfish |
| Use cases | Streaming media, low-latency, hardware (radio, GSM A5/1) | General-purpose, disk encryption, TLS records |
One-time pad — the perfect stream cipher:
- Keystream is truly random (not generated from a seed) and as long as the message.
- Provably unbreakable (Shannon 1949). The only "perfectly secret" cipher.
- Impractical because the key is huge and must be securely pre-shared. Used by spies in the Cold War (paper pads).
Modern reality: "stream ciphers" usually generate the keystream from a short key via a stream cipher algorithm (or a block cipher in a streaming mode like CTR), trading provable perfection for usability.
Tip: Block ciphers in counter (CTR) mode turn into stream ciphers — most modern systems (TLS, disk encryption) use AES-CTR or AES-GCM, which is technically a "stream cipher built from a block cipher."