Questions tagged [chacha]
ChaCha is a family of stream ciphers proposed by Daniel J. Bernstein, as an evolution of Salsa20 with (conjecturally) improved resistance to cryptanalysis.
29
questions with no upvoted or accepted answers
9
votes
0
answers
601
views
Why is BLAKE2 faster than chacha20?
Chacha20 is essentially a hash function that maps 512-bit strings to other 512-bit strings which are in turn xored with the plaintext to create the ciphertext. Of the 512-bit input 128-bit are used ...
5
votes
0
answers
166
views
Why does chacha20 not use bitwise not?
Right now chacha20 and blake use constants in order to eliminate fixpoints. As far as I know however inserting a bitwise not every $n$ rounds should eliminate this ...
5
votes
0
answers
218
views
Why Salsa20 rotates columns vertically to optimize for SIMD?
I'm writing a school assignment and I'm trying to fully grasp the differences between Salsa20 and ChaCha.
I've come to understand that by rotating upwards the initial matrix columns, DJB says that ...
4
votes
0
answers
160
views
ChaCha-based Sponge PRNG fails PractRand suite
TL;DR: My simple ChaCha-based sponge PRNG is getting "unusual" evaluation from PractRand test battery pretty reliably, sometimes even within the first GB; I'm trying understand why.
I was in ...
4
votes
0
answers
153
views
Why Block Ciphers
I fail to understand what block ciphers can do that stream ciphers cannot.
Also aren't they construct able from one another.
prg(stream cipher) -> prf -> prp(block cipher)
Any practical example ...
4
votes
0
answers
147
views
Creating an SPN cipher from ChaCha20 or Salsa20's double round function
Given that ChaCha20's building blocks have been also used to construct a hash function, can the double round function from either ChaCha20 or Salsa20 be used to construct a secure SP-network cipher?
...
4
votes
0
answers
245
views
How secure is $\operatorname{AES256}_{\operatorname{ECB}}(\operatorname{ChaCha20}(\text{plaintext}))$?
Suppose I encrypt a bytestream using ChaCha20, and then encrypt the resulting ciphertext using AES in ECB mode. How secure is the combination?
3
votes
0
answers
211
views
Does varying ChaCha rounds add any security?
This paper introduces 'Freestyle' a randomized, and variable round version of the ChaCha cipher. It uses the concept of hash based halting condition, where a decryption attempt with an incorrect key ...
3
votes
0
answers
110
views
Provably secure way of expanding permutations
Gimli is a 384-bit permutation that makes use of an internal 96-bit permutation which works on columns. Every 4 rounds starting from the 1st a "small swap" is performed and every 4 rounds ...
3
votes
0
answers
371
views
Why are integers considered "little endian" in ChaCha20 function?
Why the ChaCha20 - IETF algorithm that generates 512 bit keystream per 32 bit counter (that gets incremented), considers "the input words" that form the internal state as little endian ? ...
3
votes
0
answers
877
views
Chacha20 random nonce + counter
I need to establish potentially infinite secure streams of data between many remote devices with very few resources. Chacha20 is lightweight enough, but I do not trust myself to implement a reliable ...
2
votes
0
answers
343
views
Why is using ChaCha20 for disk encryption insecure?
https://en.wikipedia.org/wiki/Disk_encryption_theory
Why do we use XTS over CTR for disk encryption?
If we used ChaCha20 (without authentication) by simply encrypting each disk sector with the same ...
2
votes
0
answers
159
views
Encryption: filename + timestamp as info for HKDF-Expand
Let's assume that a user wants to symmetrically encrypt the files in one of his folders (being able to decrypt them later).
For this, I have come up with the following procedure:
A random 32 byte ...
2
votes
0
answers
165
views
How are ChaCha-based ARC4Random CSPRNGs initialized and reseeded?
I'm doing a spare-time project to collect cryptographic algorithms, implement them, and lastly benchmark them.
For the CSPRNG part, I'm evaluating NIST-SP-800-90Ar1 HMAC-DRBG and CTR-DRBG (Hash-DRBG ...
1
vote
0
answers
72
views
Extended-Chacha20
Research paper: "Extended-Chacha20 Stream Cipher With
Enhanced Quarter Round Function"
The initial matrix is 6x6, but what are the exact inputs for each index, in other words, how will you ...