Hi Everyone, We added the IETF's version of ChaCha named ChaChaTLS. It is slightly different than Bernstein's original version. The IETF's version of ChaCha is specified in https://tools.ietf.org/html/rfc7539.
ChaChaTLS is mostly the same as Bernstein's algorithm. A few of the differences are: 1. 256-bit key only 2. 20-rounds only 3. 12-byte nonce 4. 1-word block counter 5. Initial block counter can be specified We may want to backport Initial Block Counter back to Bernstein's ChaCha. It looks useful to me, and it can be done without breaking ChaCha ABI. There's a couple of open questions we are sorting out, and there may be some minor changes in the future. For example, we are not sure how to handle block counter wrap at the moment. At the moment we wrap and assert in Debug builds. We also disabled the SIMD implementation until we can get some independent test vectors that exercise large blocks. The wiki page with the documentation and sample code is available at https://www.cryptopp.com/wiki/ChaChaTLS. Jeff -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
