Skip to main content
Cryptography

Questions tagged [chacha]

Ask Question

ChaCha is a family of stream ciphers proposed by Daniel J. Bernstein, as an evolution of Salsa20 with (conjecturally) improved resistance to cryptanalysis.

179 questions
Newest Active Bountied Unanswered
2 votes
1 answer
267 views

Does triple ChaCha20 have 256-bit post-quantum security?

Experts suggested 3DES when AES wasn't developed yet, since meet-in-the-middle attack, they suggested triple DES. Grover's algorithm, a quantum algorithm, weakens symmetric encryptions, how about ...
Flan1335's user avatar
Flan1335
  • 361
1 vote
1 answer
330 views

Age: stream cipher with public key cryptography?

I have some rudimentary cryptography knowledge but am by no means an expert. I generally understand stream ciphers, such as such as ChaCha20-Poly1305, to be symmetric. I am wondering how age (https://...
incisor_supervisor's user avatar
incisor_supervisor
  • 11
0 votes
1 answer
157 views

Do multiple keys mitigate Grover algorithm?

Grover, a quantum algorithm, weakens AES and ChaCha20. Is it possible to use multiple symmetric keys to encrypt a message multiple times to achieve 256-bit security for quantum computers?
Flan1335's user avatar
Flan1335
  • 361
1 vote
1 answer
502 views

XChaCha20-Poly1305 question about IV's

I've a question about XChaCha20-Poly1305, from a brute force perspective. Suppose we have the power to brute force crack it. If the IV is known to the attacker and it's only one file. The time needed ...
Andrew's user avatar
Andrew
  • 13
7 votes
2 answers
780 views

Fast cipher without needing hardware support (like ChaCha20) for disk encryption

On my old laptop, ChaCha20 is quite a bit faster than AES as there is no hardware acceleration for AES. But for disk encryption AES based schemes seem to be the only option, as a stream cipher like ...
JanKanis's user avatar
JanKanis
  • 233
2 votes
0 answers
343 views

Why is using ChaCha20 for disk encryption insecure?

https://en.wikipedia.org/wiki/Disk_encryption_theory Why do we use XTS over CTR for disk encryption? If we used ChaCha20 (without authentication) by simply encrypting each disk sector with the same ...
Mihai's user avatar
Mihai
  • 21
4 votes
0 answers
160 views

ChaCha-based Sponge PRNG fails PractRand suite

TL;DR: My simple ChaCha-based sponge PRNG is getting "unusual" evaluation from PractRand test battery pretty reliably, sometimes even within the first GB; I'm trying understand why. I was in ...
Marandil's user avatar
Marandil
  • 149
1 vote
1 answer
1k views

XChaCha20-Poly1305 vs Plain ChaCha20-Poly1305 performance

I know that the security of both are the same (only nonce size is different). But which one is faster and better to use, when encrypting a lot of files (500+, from 1MB to 200MB)?
kiiro's user avatar
kiiro
  • 25
1 vote
1 answer
140 views

Is it possible to extend CMAC for ChaCha

CMAC is defined for AES for authentication. My question is pretty simple: is it possible to extend CMAC for ChaCha? Does it even make sense? I cannot find anything related and I am wondering if I am ...
Pol Henarejos's user avatar
Pol Henarejos
  • 13
0 votes
1 answer
140 views

Various attacks on cipher-images & tools, especially stream-cipher?

What kind of attack of image encryption that exist out there, especially if the cipherimage was created using secure stream-cipher like Salsa20 (256 key) or ChaCha20 (256 key)? From https://cr.yp.to/...
akez's user avatar
akez
  • 87
1 vote
1 answer
431 views

Dividing an encrypted file is secure against classical or quantum

I'm very new to cryptography and this may sound so foolish. Often I read quantum computers will brute force keys. Let's assume this is true (does it depend on key length? or on an algorithm? I don't ...
hajalev896's user avatar
hajalev896
  • 13
6 votes
1 answer
4k views

is XChaCha20 stronger than ChaCha20?

Some of the encrypted messenger apps and password managers use extended version of Bernstein's ciphers and some of them not. Viber-Salsa20 Wire-ChaCha20 Threema-XSalsa20 Sid-Salsa20 Nordpass-XChaCha20 ...
barzo66's user avatar
barzo66
  • 61
1 vote
0 answers
215 views

Is ChaCha20 + HMAC(SHA3) output indistinguishable from randomness?

I was wondering, if the output of following type of ChaCha + HMAC scheme is indistinguishable from randomness: ...
The amateur programmer's user avatar
The amateur programmer
  • 113
0 votes
1 answer
165 views

ChaCha Single-Use RNG with All Zero Plaintext + Nonce

I am creating an internal application that will be used to generate and manage self-signed certificates and certificate authorities. Its primary use will be for generating certificates used in SSL ...
Goodies's user avatar
Goodies
  • 145
4 votes
0 answers
153 views

Why Block Ciphers

I​ fail to understand what block ciphers can do that stream ciphers cannot. Also aren't they construct able from one another. prg(stream cipher) -> prf -> prp(block cipher) Any practical example ...
xzijoq's user avatar
xzijoq
  • 41

15 30 50 per page
1
2
3 4 5
12