Questions tagged [chacha]

Question 1

XChaCha20 takes a 192-bit nonce and a 64-bit counter, but I need a 256-bit nonce. Can I simply XOR the 64-bit counter to the bottom of a 256-bit random nonce? This would be analogue to the XCTR mode ...

Question 2

Under the assumption that ChaCha20's nonce and counter are replaced with a 128-bit counter, how many blocks would it be secure up to? My intuition tells me it is secure even after encrypting $2^{128}$ ...

Question 3

Can an adversary invert some rounds of ChaCha20 (or ChaCha12) to obtain the internal state of a specific round? I mean, if an adversary can invert 12 rounds of ChaCha20 to obtain the internal state of ...

Question 4

The generalized ChaCha core permutation (as used in BLAKE and *NORX) consists of: $$ \mathrm{QuarterRound}(a, b, c, d):\\ \...

Question 5

chacha20 has 20 rounds and even that is somewhat deceptive because the rounds alternate between columns and diagonals such that you need 2 rounds to involve the entire state. However if you compare it ...

Question 6

If you take the quarter round function from ChaCha/BLAKE (128 bit permutation with 32-bit words or 256 bit permutation with 64-bit words; different rotation constants) Would you have a sound 128/256 ...

Question 7

When trying to implement a seeded CSPRNG, is there any security differences between: chacha20(seed, 0) chacha20(seed, 1) ... chacha20(seed, n) and ...

Question 8

salsa20/chacha20/blake/blake2/blake3 all utilize a 4x4 grid of words on which transformations occur row-wise and then column/diagonal-wise. State size varies between 512 and 1024 bits based on word ...

Question 9

As I understand it, the chacha20 algorithm is designed for use with 256-bit keys, but is it possible to use shorter keys than this without compromising the security? Say if i use a 192-bit key and set ...

Question 10

What is the security rationale behind incrementing by 1 in stream ciphers like ChaCha20Poly1305—which often only changes one or two bits and is very weak and predictible—versus other methods like ...

Question 11

My knowledge of cryptography nothing beyond basic so I am by no means an expert, but I do know a bit of undergraduate mathematics including number theory. I know that stream ciphers like ChaCha20 is ...

Question 12

I wrote a simple implementation of ChaCha20 encryptor for files in C using MbedTLS implementation. The process of encryption is standard - I set key, then for each block of fixed size I generate new ...

Question 13

Would it be possible to use ChaCha20 as a block cipher? With the key, the entire block function can be reversed.

Question 14

Is it possible to change the constant values of ChaCha20? and how it will affect the security of the cipher.

Question 15

Research paper: "Extended-Chacha20 Stream Cipher With Enhanced Quarter Round Function" The initial matrix is 6x6, but what are the exact inputs for each index, in other words, how will you ...

Stack Exchange Network

Questions tagged [chacha]

Can I have a 32-byte nonce XChaCha20 by XORing the counter?

ChaCha20 security boundary without a nonce

Is it possible to invert ChaCha20 rounds to recover an internal state of a specific round?

How to "fix" the ChaCha permutation?

Why do some ARX ciphers require many more rounds than others?

ChaCha/BLAKE quarter round as a standalone block cipher

CSPRNG: Difference between hashing in recursion and hashing with a counter?

Why do popular ARX ciphers have large states?

Using shortened key for Chacha20

Why increment counters by 1 in stream ciphers?

Can you use ChaCha20 as one-time pad?

ChaCha20 1Gb encryption speed question

ChaCha20 as a block cipher

Constant values of ChaCha20

Extended-Chacha20

Hot Network Questions