All Questions

4 votes
0 answers
160 views

ChaCha-based Sponge PRNG fails PractRand suite

TL;DR: My simple ChaCha-based sponge PRNG is getting "unusual" evaluation from PractRand test battery pretty reliably, sometimes even within the first GB; I'm trying to understand why. I was in ...
Marandil • 149
0 votes
1 answer
165 views

ChaCha Single-Use RNG with All Zero Plaintext + Nonce

I am creating an internal application that will be used to generate and manage self-signed certificates and certificate authorities. Its primary use will be for generating certificates used in SSL ...
Goodies • 145
2 votes
3 answers
465 views

Benchmark for CSPRNG as stream ciphers?

My limitation in my security protocol is that I want my RNG as CSPRNG and I also want it to be super fast. If I use Salsa20 or ChaCha or AES counter mode, I don't get the desired speed. I want my PRNG ...
Masab Iqbal
2 votes
0 answers
165 views

How are ChaCha-based ARC4Random CSPRNGs initialized and reseeded?

I'm doing a spare-time project to collect cryptographic algorithms, implement them, and lastly benchmark them. For the CSPRNG part, I'm evaluating NIST-SP-800-90Ar1 HMAC-DRBG and CTR-DRBG (Hash-DRBG ...
DannyNiu • 9,499
2 votes
1 answer
500 views

If ChaCha20 is being used just as a CSPRNG, is nonce needed?

I'm planning to use ChaCha20 just as a CSPRNG. Key is random (taken from strong initial entropy source) and will be constantly replaced via DJB's fast key-erasure scheme. What should I use as the ...
R.. GitHub STOP HELPING ICE
2 votes
1 answer
1k views

Different ways of building a ChaCha20-based RNG

Let's say you're building RNG with ChaCha20 and the fast key erasure technique. There seem to be a few ways to do it. The reference implementation in the SUPERCOP benchmarking toolkit looks like ...
Kannan Goundan
2 votes
1 answer
1k views

What are implementations of PRNGs based on ChaCha20? [closed]

I thought I'd find an implementation in NaCl, but /dev/urandom is what I find. Search-engine samples revealed most implementations are broken. What libraries are ...
user45491 • 409
10 votes
1 answer
782 views

Can reduced-round ChaCha be used as non-cryptographic fast PRNG to produce output indistinguishable from random data?

The fastest known attack against the Salsa20 family of stream ciphers requires $2^{137}$ simple operations against Salsa20/7, or $2^{244}$ against Salsa20/8. The 8-round version encrypts data at 1.88 cycles-per-...
forest • 15.4k
3 votes
1 answer
1k views

384-bit ChaCha20 / Salsa20

The standard Salsa20 core is a $\{0,1\}^{384} \to \{0,1\}^{512}$ random function with a 16 byte constant ($\sigma$ for a 32-byte key), an 8 byte nonce, an 8 byte counter, and a 32 byte key. The hash ...
forest • 15.4k
5 votes
2 answers
3k views

Using ChaCha20 as a PRNG with a variable-length seed

As far as I understand, the key stream of the ChaCha20 cipher may be used as a seeded PRNG, where the seed is used to set the key and the nonce. As described in RFC7539, ChaCha20 can be used with a ...
Tomas Langkaas