why Tink uses a random nonce, not a counter:https://groups.google.com/forum/#!topic/tink-users/v4ATADoH0hU …
-
-
Is XChaChaPoly1305 implemented or used anywhere? We implemented 96-bit random nonce ChaCha20Poly1305 because it's in RFC7539
-
2 implementations I know of. (I'm also planning to add it to *ring*.) Wireguard: https://lists.zx2c4.com/pipermail/wireguard/2016-December/000837.html … libsodium:https://github.com/jedisct1/libsodium/blob/master/src/libsodium/crypto_secretbox/xchacha20poly1305/secretbox_xchacha20poly1305.c …
-
XChaCha20 is also implemented in libhydrogenhttps://github.com/jedisct1/libhydrogen/wiki …
-
Whose API doesn't require the user to provide a nonce, btw.https://github.com/jedisct1/libhydrogen/wiki/Secret-key-encryption …
-
and in addition to Wireguard, DNSCrypt is a real-world protocol whose specification includes XChaCha20 https://github.com/jedisct1/dnscrypt-proxy/blob/master/DNSCRYPT-V2-PROTOCOL.txt#L345 …
-
Thanks Frank and Brian! We'll add XChaCha20 :)
-
Awesome!
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.