#chacha20 #cipher #cha-cha #xchacha20 #assembly

no-std c2-chacha

The ChaCha family of stream ciphers

10 releases

0.3.3 Oct 24, 2021
0.3.1 May 12, 2021
0.3.0 Nov 2, 2020
0.2.4 May 16, 2020
0.1.0 Feb 3, 2019

#228 in Cryptography

Download history 30614/week @ 2024-06-11 30209/week @ 2024-06-18 34987/week @ 2024-06-25 32148/week @ 2024-07-02 30369/week @ 2024-07-09 41855/week @ 2024-07-16 42283/week @ 2024-07-23 35791/week @ 2024-07-30 45844/week @ 2024-08-06 52165/week @ 2024-08-13 39989/week @ 2024-08-20 51247/week @ 2024-08-27 54408/week @ 2024-09-03 47218/week @ 2024-09-10 45886/week @ 2024-09-17 38810/week @ 2024-09-24

196,610 downloads per month
Used in 153 crates (6 directly)

MIT/Apache

145KB
4K SLoC

The ChaCha family of stream ciphers

Features

  • pure Rust implementation
  • supports the RustCrypto API
  • builds on stable Rust
  • portable
  • fast: within 15% of throughput of a hand-optimized ASM SIMD implementation (floodberry/chacha-opt) on my machine (a Xeon X5650, using ppv-lite86)
  • no-std compatible (std required only for runtime algorithm selection)

Supported Variants

ChaCha20: used in chacha20-poly1305 in TLS, OpenSSH; arc4random in the BSDs, Linux /dev/urandom since 4.8.

Ietf: IETF RFC 7539. Longer nonce, short block counter.

XChaCha20: constructed analogously to XSalsa20; a mixing step during initialization allows using a long nonce and along with a full-sized block counter.

ChaCha12, ChaCha8: faster; lower security margin of safety.


lib.rs:

Pure Rust ChaCha with SIMD optimizations.

Stream-cipher usage:

#[cfg(features = "std")]
fn demo() {
extern crate c2_chacha;

use c2_chacha::stream_cipher::{NewStreamCipher, SyncStreamCipher, SyncStreamCipherSeek};
use c2_chacha::{ChaCha20, ChaCha12};

let key = b"very secret key-the most secret.";
let iv = b"my nonce";
let plaintext = b"The quick brown fox jumps over the lazy dog.";

let mut buffer = plaintext.to_vec();
// create cipher instance
let mut cipher = ChaCha20::new_var(key, iv).unwrap();
// apply keystream (encrypt)
cipher.apply_keystream(&mut buffer);
// and decrypt it back
cipher.seek(0);
cipher.apply_keystream(&mut buffer);
// stream ciphers can be used with streaming messages
let mut cipher = ChaCha12::new_var(key, iv).unwrap();
for chunk in buffer.chunks_mut(3) {
    cipher.apply_keystream(chunk);
}
}

Dependencies

~1–1.6MB
~28K SLoC