Symmetric encryption algorithms are categorized into two: block and stream ciphers. This article explores block cipher vs. stream cipher, their respective operation modes, examples, and key differences. However, before delving into these in detail, let us understand the basics first.

Symmetric cryptography (key cryptography/private key cryptography) involves using a shared key/secret to access an encoded message between two entities. The sender shares the key cipher to the receiver to decrypt the message. The encryption algorithm emulates a one-time pad system to protect the original message from unauthorized access. The cipher algorithms generate a truly random key cipher used only once with the one-time pad system. Anyone who does not possess the secret/key cannot interpret the encrypted message.

Let’s see the differences (short introduction)

Block ciphers encrypt data in blocks of set lengths, while stream ciphers do not and instead encrypt plaintext one byte at a time. The two encryption approaches, therefore, vary widely in implementation and use-cases.

What are Block Ciphers?

Block ciphers convert data in plaintext into ciphertext in fixed-size blocks. The block size generally depends on the encryption scheme and is usually in octaves (64-bit or 128-bit blocks). If the plaintext length is not a multiple of 8, the encryption scheme uses padding to ensure complete blocks. For instance, to perform 128-bit encryption on a 150-bit plaintext, the encryption scheme provides two blocks, 1 with 128 bits and one with the 22 bits left. 106 Redundant bits are added to the last block to make the entire block equal to the encryption scheme’s ciphertext block size.

While Block ciphers use symmetric keys and algorithms to perform data encryption and decryption, they also require an initialization vector (IV) to function. An initialization vector is a pseudorandom or random sequence of characters used to encrypt the first block of characters in the plaintext block. The resultant ciphertext for the first block of characters acts as the initialization vector for the subsequent blocks. Therefore, the symmetric cipher produces a unique ciphertext block for each iteration while the IV is transmitted along with the symmetric key and does not require encryption.

Block encryption algorithms offer high diffusion; that is, if a single plaintext block were subjected to multiple encryption iterations, it resulted in a unique ciphertext block for each iteration. This makes the encryption scheme relatively tamper-proof since it is difficult for malicious actors to insert symbols into a data block without detection. On the other hand, block ciphers have a high error propagation rate since a bit of change in the original plaintext results in entirely different ciphertext blocks.

Block Cipher Operation Modes

Several block cipher modes of operation have been developed to enable the encryption of multiple blocks of long data. These modes fall into two categories: Confidentiality-only and Authenticated encryption with additional data modes.

Confidentiality-only Modes

The Confidentiality-only cipher mode of operation focuses on keeping communication between two parties private. These modes include:

1. Electronic codebook (ECB) – In this mode, plaintext messages are divided into blocks where encryption is applied to each block separately. The ECB cipher mode does not hide data patterns well since it lacks diffusion and is usually not recommended for security frameworks.

2. Cipher block chaining mode (CBC) – This mode combines ciphertext from the previous block with current plaintext blocks using an XOR (exclusive disjunction) operation before performing the encryption. An IV is applied to the first plaintext block in a CBC mode to ensure uniqueness.

3. Propagating cipher block chaining (PCBC) – In this mode, the encryption scheme performs an exclusive disjunction between the current plaintext, the previous plaintext, and the previous ciphertext before running the encryption algorithm. This causes minor changes in the ciphertext to propagate indefinitely during encryption and decryption.

Authenticated encryption with additional data – This mode of operation for block ciphers ensures data authenticity and confidentiality. This mode can be further sub-divided into:

1. Galois/counter mode (GCM) – Uses an incremental counter that generates a universal hash over a finite binary field (Galois field) to generate message authentication codes before encryption and decryption.

2. Synthetic initialization vector (SIV) – This type of block cipher uses an encryption key, plaintext input, and a header (authenticated variable-length octet strings) to enable authenticated encryption. SIV produces a deterministic ciphertext that keeps the plaintext private while ensuring the authenticity of both the header and ciphertext.

Examples of Block Ciphers

Block ciphers form the basis of most modern cipher suites. Some commonly used block cipher encryption standards include:

Data Encryption Standard (DES)

A 56-bit symmetric key algorithm was initially used to protect sensitive, confidential information. DES has since been withdrawn due to short key length and other security concerns but is still viewed as a pioneer encryption standard.

Advanced Encryption Standard (AES)

A popular block cipher that encrypts data in blocks of 128 bits using 128, 192, and 256-bit symmetric keys. The underlying block cipher uses substitution-permutation and transposition techniques to produce ciphertext by shuffling and replacing input data in a sequence of linked computations. AES is a globally accepted encryption standard since cryptanalysis efforts against its algorithms have been unsuccessful.


Twofish is an encryption standard that uses a Feistel network, a complex key schedule, and substitution techniques to separate the key and ciphertext. The standard encrypts plaintext data in blocks of128 bits, with flexible key sizes between 128 and 256 bits long.

Other encryption schemes that use block ciphers include 3DES, Serpent, and Blowfish, among others.

What are Stream Ciphers?

A stream cipher encrypts a continuous string of binary digits by applying time-varying transformations on plaintext data. Therefore, this type of encryption works bit-by-bit, using keystreams to generate ciphertext for arbitrary lengths of plain text messages. The cipher combines a key (128/256 bits) and a nonce digit (64-128 bits) to produce the keystream — a pseudorandom number XORed with the plaintext to produce ciphertext. While the key and the nonce can be reused, the keystream has to be unique for each encryption iteration to ensure security. Stream encryption ciphers achieve this using feedback shift registers to generate a unique nonce (number used only once) to create the keystream.

Encryption schemes that use stream ciphers are less likely to propagate system-wide errors since an error in the translation of one bit does not typically affect the entire plaintext block. Stream encryption also occurs in a linear, continuous manner, making it simpler and faster to implement. On the other hand, stream ciphers lack diffusion since each plaintext digit is mapped to one ciphertext output. Additionally, they do not validate authenticity, making them vulnerable to insertions. If hackers break the encryption algorithm, they can insert or modify the encrypted message without detection. Stream ciphers are mainly used to encrypt data in applications where the amount of plain text cannot be determined and in low latency use-cases.

Types of Stream Ciphers

Stream ciphers fall into two categories:

Synchronous stream ciphers

The keystream block is generated independently of the previous ciphertext and plaintext messages in a synchronous stream cipher. The most common stream cipher modes use pseudorandom number generators to create a string of bits combine it with the key to form the keystream, which is XORed with the plaintext to generate the ciphertext.

Self-synchronizing/asynchronous stream ciphers

A self-synchronizing stream cipher, also known as ciphertext autokey, generates the keystream block as a function of the symmetric key and fixed size (N-bits) of the previous ciphertext block. Altering the ciphertext alters the content of the next keystream so that asynchronous stream ciphers can detect active attacks. These ciphers also offer limited error propagation since a single-digit error can affect N bits at most.

Examples of Stream Ciphers

Popular encryption schemes that use stream ciphers include:

Rivest Cipher (RC4)

RC4/ARC4/ARCFOUR is a fast, simple encryption algorithm developed in 1987 to implement byte-by-byte encryption using 64 or 128 bits long keys. RC4 is widely used in Transport Layer Security, Secure Sockets Layer, and the IEEE 802.11 WLAN standard. The popular encryption scheme comes in various flavors, including SPRITZ, RC4A, and RC4A+, among others.


Salsa20 is an efficient, modern encryption cipher that relies on an expansion function to produce the encryption keystream. In addition, Salsa20 depends on a core function that maps the key, a nonce digit, and constant vectors extracted from the expansion function to the keystream using add-rotate-XOR (ARX) operations.

Software-optimized Encryption Algorithm (SEAL)

SEAL is an additive binary stream cipher optimized for machines with 32-bit CPUs and sufficient memory resources. The encryption standard relies on a pseudorandom family that uses a length-increasing function and a 160-bit key to map the 32-bit string to a string of any length.

Other examples of stream ciphers include PANAMA, Scream, Rabbit, HC-256, and Grain, among others.

Key differences Between Block and Stream Ciphers

Bit conversion

Block ciphers transform plaintext 1 block (64/128/256 bits) at a time, while stream ciphers convert plaintext to ciphertext 1 byte at a time. This makes block ciphers slower since an entire block has to be accumulated before the data is encrypted/decrypted. In contrast, stream ciphers encrypt bits of data into individual symbols one at a time.

Translation principle

Stream ciphers utilize only the confusion principle to transform data, ensuring data confidentiality. On the other hand, block ciphers use data diffusion and confusion to encrypt plaintext. Block ciphers can, therefore, be used to implement authenticated encryption for enhanced security.


Stream ciphers use an XOR operation on the plaintext to create ciphertext. Stream-based encryption is easily reversed by XORing the ciphertext outputs. Block ciphers encrypt more bits at a time, making the decryption comparatively complex.

This article has already been published on and has been authorized by Crashtest Security for a republish.

Featured Image Courtesy – Photo by Goran Ivos on Unsplash