#chacha20 #chacha #crypto #xchacha20

no-std c2-chacha

The ChaCha family of stream ciphers

10 releases

0.3.3 Oct 24, 2021
0.3.1 May 12, 2021
0.3.0 Nov 2, 2020
0.2.4 May 16, 2020
0.1.0 Feb 3, 2019

#253 in Cryptography

Download history 39603/week @ 2023-11-18 36924/week @ 2023-11-25 33594/week @ 2023-12-02 31124/week @ 2023-12-09 26218/week @ 2023-12-16 11651/week @ 2023-12-23 17252/week @ 2023-12-30 25763/week @ 2024-01-06 31900/week @ 2024-01-13 30360/week @ 2024-01-20 29036/week @ 2024-01-27 29891/week @ 2024-02-03 30990/week @ 2024-02-10 39940/week @ 2024-02-17 34707/week @ 2024-02-24 29713/week @ 2024-03-02

139,945 downloads per month
Used in 159 crates (7 directly)

MIT/Apache

145KB
4K SLoC

The ChaCha family of stream ciphers

Features

  • pure Rust implementation
  • supports the RustCrypto API
  • builds on stable Rust
  • portable
  • fast: within 15% of throughput of a hand-optimized ASM SIMD implementation (floodberry/chacha-opt) on my machine (a Xeon X5650, using ppv-lite86)
  • no-std compatible (std required only for runtime algorithm selection)

Supported Variants

ChaCha20: used in chacha20-poly1305 in TLS, OpenSSH; arc4random in the BSDs, Linux /dev/urandom since 4.8.

Ietf: IETF RFC 7539. Longer nonce, short block counter.

XChaCha20: constructed analogously to XSalsa20; a mixing step during initialization allows using a long nonce and along with a full-sized block counter.

ChaCha12, ChaCha8: faster; lower security margin of safety.


lib.rs:

Pure Rust ChaCha with SIMD optimizations.

Stream-cipher usage:

#[cfg(features = "std")]
fn demo() {
extern crate c2_chacha;

use c2_chacha::stream_cipher::{NewStreamCipher, SyncStreamCipher, SyncStreamCipherSeek};
use c2_chacha::{ChaCha20, ChaCha12};

let key = b"very secret key-the most secret.";
let iv = b"my nonce";
let plaintext = b"The quick brown fox jumps over the lazy dog.";

let mut buffer = plaintext.to_vec();
// create cipher instance
let mut cipher = ChaCha20::new_var(key, iv).unwrap();
// apply keystream (encrypt)
cipher.apply_keystream(&mut buffer);
// and decrypt it back
cipher.seek(0);
cipher.apply_keystream(&mut buffer);
// stream ciphers can be used with streaming messages
let mut cipher = ChaCha12::new_var(key, iv).unwrap();
for chunk in buffer.chunks_mut(3) {
    cipher.apply_keystream(chunk);
}
}

Dependencies