[Cryptography] recommending ChaCha20 instead of RC4 (RC4 again)
Zooko O'Whielacronx
zookog at gmail.com
Sat Mar 8 23:23:06 EST 2014
If you like RC4, you might like ChaCha20.
https://en.wikipedia.org/wiki/Salsa20#ChaCha_variant
Like RC4, it is a stream cipher, but unlike RC4 it is widely liked by
modern cryptographers. That's a generalization, of course, but:
* ChaCha20 is a variant of Salsa20, which was one of the winners of
the eSTREAM competition: http://www.ecrypt.eu.org/stream/index.html
* There is work to implement it in TLS (to replace RC4):
https://www.imperialviolet.org/2013/10/07/chacha20.html
* It's now included in OpenSSH:
http://blog.djm.net.au/2013/11/chacha20-and-poly1305-in-openssh.html
* It is the core of my favorite secure hash function, BLAKE2!
https://blake2.net/ (Disclosure: I'm one of the authors of BLAKE2, but
not of the original "BLAKE" from which BLAKE2 is derived.)
Oh yes, and ChaCha is much more efficient than RC4.
http://www.cryptopp.com/benchmarks.html says that modified alleged RC4
("MARC4") takes about 14 cycles per byte and that Salsa20 takes about
4 cycles per byte. http://bench.cr.yp.to/results-stream.html says that
ChaCha20 is usually around 15% more efficient than Salsa20 on modern
Intel CPUs.
Regards,
Zooko
More information about the cryptography
mailing list