Most comments and articles about this issue focus on encryption, but I'd argue that authentication is a far more important part of this discussion.

When using stream ciphers you have two pieces of data of exactly the same length, which you merge (XOR) together to get a third piece of data.

(Stream ciphers are essentially just a way to extend your short piece of random data into a longer piece of data -- the keystream -- of the message length.)

Thinking this way, the "key" is not at all like a door key, not a combination lock, and not instructions for constructing data -- it's just another piece of data, which you possess, maybe in your mind only. It's called a "key" only for convenience.

Now, after encryption, you own two pieces of information -- the keystream and the encrypted text. There is no right way to produce the original data unless you know what the original data is: any way of combining the encrypted text with any other data will produce correct results, but not always the original data. The meaning of the result depends only on interpretation; and the only way to learn with 100% certainty that the decrypted data is really the original data is to ask you (provided that you don't lie). For example, it is theoretically possible that "I love US" encrypted with one keystream and decrypted with a different keystream will produce "I'm a spy", but only you can certify that this interpretation is wrong, because you know what the original said. And the only way to learn this is to ask you to testify against yourself.

The way to have an interpretation that the decrypted data is the original data with less than 100% certainty, but without having to ask you, is to use authentication. You authenticate data, for example, by applying some authentication function and providing the result of the authentication function along with the encrypted text. What do authentication functions do? They tell, with some limited but high probability, that you used this keystream and/or that plaintext to produce the encrypted text. Let's say you used HMAC for authentication. By applying HMAC with your "key" (it can be derived from the encryption key or just be a new piece of data), for example, to the encrypted text, you certified that this "key" was used to encrypt the original data. Is it an act of testifying against yourself to provide the piece of information (the authentication key) that will tell with high probability that the original data is the decrypted data (or that the keystream is the one used for encryption)?

(PS I know that courts don't deal with 100% certainties, but forget about it for a moment :)
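The two halves of the argument above, as an added example that is not part of the comment: XOR a message with a keystream, forge a second keystream under which the very same ciphertext reads "I'm a spy", then add an HMAC tag that verifies only under the keystream actually used. Deriving the authentication key from the keystream (rather than using an independent key) and the fixed demo keystream are assumptions made for the example.

```python
"""Added example: stream-cipher XOR, the 'any keystream decrypts to anything'
property, and an HMAC tag that commits to the keystream actually used."""
import hashlib
import hmac


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """The stream-cipher 'merge': two equal-length byte strings XORed together."""
    if len(a) != len(b):
        raise ValueError("a stream cipher needs a keystream of the message length")
    return bytes(x ^ y for x, y in zip(a, b))


def forge_keystream(ciphertext: bytes, claimed_plaintext: bytes) -> bytes:
    """A keystream under which this ciphertext 'decrypts' to any chosen text."""
    return xor_bytes(ciphertext, claimed_plaintext)


def derive_auth_key(keystream: bytes) -> bytes:
    # Assumption: the authentication key is derived from the keystream, so the
    # tag commits to it (the comment allows an independent key as well).
    return hashlib.sha256(b"auth-key:" + keystream).digest()


def authenticate(keystream: bytes, ciphertext: bytes) -> bytes:
    """HMAC over the ciphertext, keyed from the keystream (encrypt-then-MAC)."""
    return hmac.new(derive_auth_key(keystream), ciphertext, hashlib.sha256).digest()


def verify(keystream: bytes, ciphertext: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(authenticate(keystream, ciphertext), tag)


def demo() -> dict:
    plaintext = b"I love US"
    # Constructed keystream for the demo; a real one is random and message-length.
    keystream = hashlib.sha256(b"constructed demo keystream").digest()[: len(plaintext)]
    ciphertext = xor_bytes(plaintext, keystream)
    tag = authenticate(keystream, ciphertext)

    # Without the tag, a second keystream explains the ciphertext just as well.
    alt_keystream = forge_keystream(ciphertext, b"I'm a spy")
    return {
        "original_decrypts": xor_bytes(ciphertext, keystream),
        "alt_decrypts": xor_bytes(ciphertext, alt_keystream),
        "real_key_verifies": verify(keystream, ciphertext, tag),
        "forged_key_verifies": verify(alt_keystream, ciphertext, tag),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The tag does not stop the forged keystream from "decrypting" the ciphertext; it only means that keystream cannot also explain the tag, which is exactly the high-probability certification the comment is asking about.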
