ChaCha20 is a stream cipher (closely related to Salsa20) which, when coupled with the Poly1305 MAC, serves as an alternative to AES (AES-GCM).
Questions tagged [chacha20]
11 questions
4 votes, 1 answer
An alternative for /dev/urandom
I like to overwrite my hard disk with random data.
Since /dev/urandom as source is too slow to overwrite a large amount of data in a reasonable time, I'm looking for a good alternative.
These two options meet my speed requirements:
(1) openssl with…
dev_new
2 votes, 4 answers
Windows Server 2019: Add CHACHA20-POLY1305 ciphersuites for IIS
Is there a way to add/enable ECDHE-ECDSA-CHACHA20-POLY1305 and ECDHE-RSA-CHACHA20-POLY1305 ciphersuites on Windows Server 2019 (Build 1809 or later) for HTTPS configuration of IIS webserver?
According to the TLS Cipher Suites in Windows 10 v1809…
Pylyp Lebediev
2 votes, 1 answer
Is AES the recommended symmetric cipher for production level software?
I was considering developing an application level software for file encryption after stress testing many of my implementations of popular symmetric ciphers. I would love to support multiple algorithms like AES (GCM / CBC / CTR), XChaCha20-Poly1305…
Vivekanand V
2 votes, 1 answer
Bluetooth low energy encryption using chacha20-poly1305
The BLE data is encrypted using AES-CCM. TLS 1.3 removed AES-CCM from the cipher suites due to a security issue.
My question:
Why don't they encrypt the BLE using chacha20-poly1305? Is it because there is no hardware support for chacha20-poly1305?
hardyrama
2 votes, 1 answer
Are there reliable Linux ChaCha20-Poly1305 implementations available for stream encryption?
I'd currently encrypt a stream by piping it through the following command:
openssl enc -aes-256-cbc -pass file:/[keyfile path]
Is there a reliable implementation of ChaCha20-Poly1305 that I can use instead?
knaccc
2 votes, 2 answers
Token generation and random numbers
I have a Swift server, where currently authentication is handled through a simple email+hashed password combination. I want to replace this with an access token (+ expiration) so I can remove the storage of email/password on the end user's device…
Antwan van Houdt
1 vote, 1 answer
How to synchronize a nonce between two participants?
I am currently working with a symmetric algorithm which requires a nonce for encryption, and logically for decryption as well.
However, I am a bit confused about how I would go and synchronize the nonce on both clients.
Let's say my nonce is…
Sossenbinder
0 votes, 0 answers
ChaCha Single-Use RNG with All Zero Plaintext + Nonce
I am creating an internal application that will be used to generate and manage self-signed certificates and certificate authorities. Its primary use will be for generating certificates used in SSL decryption by my clients' firewalls.
My goal is to…
Goodies
0 votes, 0 answers
How to implement ChaCha20Poly1305 with large files? (Streamed/Chunked AEADs)
I have a private file encryption project that I'm working on that currently uses Encrypt-then-MAC. However, I've been looking at age and the article that's referenced in the spec that discusses encrypting streams with AEADs. It's not possible to…
Zachary
0 votes, 1 answer
Using Chacha20 with a NULL nonce
I am new to ChaCha20. From the RFC --
The inputs to ChaCha20 are:
o A 256-bit key, treated as a concatenation of eight 32-bit little-endian integers.
o A 96-bit nonce, treated as a concatenation of three 32-bit little-endian…
SFlow
0 votes, 1 answer
When encrypting password hashes, how to handle nonces?
I know that encrypting password hashes is a contentious issue. However, I have seen it recommended in some quarters. I know for instance that Dropbox did this at one time with AES256. In these cases, all password hashes would be encrypted with one…
Prime