# Technology # Sharing
Author / Cabinet Sweeping Monk
In encryption algorithms, we often encounter a new type of algorithm called ChaCha20. Now let’s take a look at its features and application scenarios.
Salsa20 is a stream cipher algorithm submitted to eSTREAM by Daniel J. Bernstein. It is built on a pseudo-random function based on add-rotate-xor (ARX) operations—32-bit modular addition, XOR, and circular shift operations. Salsa20 maps a 256-bit key, a 64-bit nonce, and a 64-bit stream position to a 512-bit output (there is also a 128-bit key version). This gives Salsa20 an unusual advantage as users can seek any position in the output stream in constant time. It can achieve a speed of about one byte per 4–14 cycles on modern x86 processors and has reasonable hardware performance. It is not patented, and Bernstein has also written several public domain implementations optimized for common architectures. Salsa20 has been submitted to eSTREAM. A related cryptographic algorithm, ChaCha, has similar features but a different circular shift function, and was released by Bernstein in 2008.
ChaCha20
Google chose ChaCha20 with Bernstein’s Poly1305 message authentication code as a replacement for RC4 in OpenSSL for secure internet communication. Google initially implemented HTTPS (TLS/SSL) traffic communication between the Chrome browser (Android version) and Google websites. Soon after, Google adopted it in TLS, and the ChaCha20 and Poly1305 algorithms became a new cipher suite in OpenSSH as [email protected]. Later, it became possible to avoid dependency on OpenSSL through compile-time options.
ChaCha20 is also used in the arc4random random number generator in OpenBSD and NetBSD operating systems, replacing the already weak RC4, and similarly in the CSPRNG subroutine of the kernel in DragonFly BSD. ChaCha20 has been standardized in RFC 7539. Its use in IKE and IPsec has been standardized in RFC 7634. In RFC 7905, ChaCha20-Poly1305 has been added to the TLS extension standard.
Advantages of ChaCha20-Poly1305
The reasons Google introduced a new encryption suite and prioritized it on all mobile Chrome browsers are:
-
ChaCha20-Poly1305 avoids all known security vulnerabilities and attacks;
-
ChaCha20-Poly1305 is optimized for ARM chips widely used in mobile devices, enabling faster encryption and decryption while saving power;
-
It is more bandwidth-efficient, as the output of Poly1305 is 16 bytes, while HMAC-SHA1 is 20 bytes, saving 16% in overhead consumption.
Usage
There are two mainstream encryption methods: aes-256-cfb and rc4-md5. The former has a higher encryption strength but incurs slightly greater system overhead, while the latter is much faster but lacks sufficient security, although it is still used normally. High encryption strength increases some additional system overhead; however, modern devices like computers and smartphones have strong performance, making it difficult to notice the added burden in daily use. I recommend using aes-256-cfb on computers or high-performance smartphones and tablets, but for routers, where many CPUs are below 500MHz and not powerful, the performance overhead of aes-256-cfb may significantly impact performance. Therefore, the encryption method previously used on routers generally chose rc4-md5.
Since using aes encryption on low-performance devices affects performance, and using rc4-md5 does not provide sufficient encryption strength, people created the Salsa20 encryption algorithm, which is faster and stronger than its predecessor, the RC algorithm. Later, Google developed ChaCha20, an even faster and stronger algorithm based on this algorithm.
Basically, it is now considered the best algorithm for use on low-performance devices.
Sharing a research result, please use Base64 decoding:
c3NyOi8vZGpBdGRXc3hMbk4xWTJ4dmRXUXViR2wyWlRvME5ETTZZWFYwYUY5aFpYTXhNamhmYzJoaE1UcGhaWE10TWpVMkxXTm1ZanB3YkdGcGJqcFZNMVpxWWtjNU1WcEROWGRqYlRndlAyOWlabk53WVhKaGJUMVphbEV3VFVkSk1FeHRNWEJaTTBwMll6STViV1JETldwaU1qQW1jSEp2ZEc5d1lYSmhiVDFPUkhCNlpGZE9jMkl6Vm10TWJrSjVZbmNtY21WdFlYSnJjejAyU1hWNE5WcDFPVWxQVXpod2RXRldjR2xDT0VsR1RqRlJNbmgyWkZkUmRXTklTblkxV1ZkT05reFROVFZaVjNNMU5YVkxOa2x4UXpVMFN6VkpUMkY2Y1U5WFIycFBiVU5uVDJsMmRDMWxaMmRXYkhaa1J6UW1aM0p2ZFhBOVZUTldSR0pIT1RGYVF6VjNZMjA0
Click the bottom “Read Original” to open a Base64 online decoding tool!
You may have missed
Suggestions to Simplify Personal Life
A Letter to Readers
How to Meditate 🧘♂️
· end ·
What’s this unseen flame of darkness whose sparks are the stars?
Reply “Join Group” in the background to join our reader group
Long press to follow
Let’s Break Information Asymmetry Together