The Scream cipher is a word-based stream cipher developed by Shai Halevi, Don Coppersmith and Charanjit Jutla from IBM.
The cipher is designed as a software efficient stream cipher. The authors describe the goal of the cipher to be a more secure version of the SEAL cipher.
The general design of Scream is close to the design of SEAL with block cipher-like round functions. There are two versions of Scream. One of them, Scream-F, reuses the S-boxes from the Advanced Encryption Standard (AES) block cipher, while the other, Scream, internally generates new, key-dependent S-boxes as part of the initialization phase. The round function is also based on the AES-round function, but is narrower, 64 bits instead of 128 bits.
The cipher uses a 128-bit key and a 128-bit nonce. It is efficient in software, running at 4-5 cycles per byte on modern processors.
The cipher was presented at the Fast Software Encryption (FSE) conference in 2002.