Questions tagged [chacha]
ChaCha is a family of stream ciphers proposed by Daniel J. Bernstein, as an evolution of Salsa20 with (conjecturally) improved resistance to cryptanalysis.
179
questions
0
votes
1
answer
236
views
What is the lightest cipher that provides AES like security?
The lightest, or fastest cipher, that is well known and quite secure like AES. Is ChaCha20 a good option? Are there any better alternatives that are faster but still as secure?
- 25
2
votes
1
answer
5k
views
XChaCha20 vs AES 128 security and speed
Is XChaCha20 with 256 bit key and 192 bit nonce more secure than 128 bit key 128 bit key nonce AES, due to using larger key/nonce sizes? Isn't it supposed to be faster due to being a stream cipher? (...
- 25
1
vote
1
answer
57
views
How to interpret algorithm diagrams
It's been a while since I know about cryptography, and always end up seing diagrams like this.
However I have never been able to understang their meaning. I hope someone can explain in detail. Thank ...
0
votes
1
answer
159
views
Encrypting two messages with the same content with different keys/IVs still secure if attacker knows they are the same?
I want to store two ciphertexts inside the same file.
The data stored in each ciphertext is the same (except for padding), but the data was encrypted with different keys and IVs. Both ciphertexts were ...
- 25
1
vote
2
answers
356
views
Faster cipher than AES256-CBC to use for DRM purpose
I have to develop a program using a "secret" locally stored encoded program for a school project.
For this I have to decipher the code on the fly to use it. The project recommend the use of ...
- 11
0
votes
0
answers
442
views
Nonces in chacha20poly1305 vs chacha20
I'm currently working on replacing the chacha20 encryption in my app with chacha20poly1305, but I'm running into a few questions that I can't seem to find clear answers to, mainly stemming from the ...
0
votes
0
answers
57
views
Applicability of theoretical attack procedure in actual attack to ChaCha cipher
I was studying the theoretical attacks on ChaCha cipher here (See section 3).
There is one special attack procedure which require key-IV(Initial Vector) pairs. These key-IV pairs are special in the ...
- 145
0
votes
1
answer
307
views
XChaCha20 With a Zeroed Nonce?
We know that for ChaCha20 and XChaCha20, the same key can never be used with the same nonce. But let's say I use a random 256-bit key every time... Then the nonce can be whatever because the key is ...
- 449
0
votes
1
answer
161
views
Can the security of Salsa20/Chacha20 be expanded to 448-bits if I fill the nonce and the Nothing-up-my-sleeve numbers with key material?
As I studied, Salsa20/Chacha20 is basically a hash function that accepts a 64-byte input and returns a output of the same size of input.
128-bits of the input are filled with four "Nothing-up-my-...
- 877
1
vote
0
answers
248
views
xChaCha20 Block Keys for Poly1305
So xChaCha20 has a nonce size large enough to safely use a random nonce with the same key. Poly1305 generally uses the first block of the cipher's output to generate its nonce. For xChaCha20 it would ...
- 123
0
votes
1
answer
3k
views
How to choose between AES256-GCM, XSalsa20Poly1305 and XChaCha20Poly1305?
In libsodium, there're 3 symmetric encryption(stream cipher) which are AES256-GCM(Hardware-accelerated), XSalsa20Poly1305 and XChaCha20Poly1305(uncertain which version of libsodium add support to ...
- 159
1
vote
0
answers
255
views
What is the best way to save ChaCha20 Nonce in Cipher-Image BMP file?
I have a question about ChaCha20. As far as I know ChaCha20 is a cipher algorithm that uses 4 inputs:
Key (secret)
Constant (not secret)
Block Number/Counter (keystream block number)
Nonce (random ...
- 87
1
vote
1
answer
421
views
Does Salsa20/ChaCha20 still provide Integrity when Encrypt Bitmap?
Forgive me for this question. I have an idea to encrypt *.bmp bitmap files using ChaCha20/Salsa20 without Poly1305.
This is just a simple program, where I can encrypt *.bmp bitmap images, with the ...
- 87
0
votes
1
answer
207
views
Where can I find test vectors for ChaCha20 (trying to understand Wikipedia example)?
I was playing around with stream ciphers an found this Wikipedia ChaCha20 page (the ChaCha variant). What I'm lost with is how to test this code. There are no testvectors anywhere on that page and I ...
1
vote
0
answers
78
views
Impact of partitioning oracle attacks on file encryption?
I've just learned about partitioning oracle attacks recently, and I would like to clarify some things that are a little foggy to me right now.
According to this thread,
The aim is the recovery of a ...
- 449