Comments (6)
XChaCha20 has a 192-bit nonce instead of a 96-bit nonce, which changes the risk of random nonce collision to "roughly one in a billion after a few billion messages" to "virtually never".
from halite.
do you know if switching from XSalsa20 to ChaCha20 in halite code is as simple as just replacing encrypt / decrypt / generating key / constants for nonces etc, and keep the key derivation & authentication just like it is already coded?
We generally don't recommend making changes to Halite. We're already planning on switching the stream cipher in v5.
from halite.
We aren't going to ever switch to ChaCha20. We might switch to XChaCha20.
We're investigating other changes for Halite 5, which will almost certainly stop using Xsalsa20 and target PHP 8.1 and newer.
from halite.
Thank you for your answer. Any reason to choose XChaCha20 against ChaCha20?
from halite.
OK thank you for those explanations.
Anyway, as I'm working for a project that must follow the guide I initially posted in this thread, I must encrypt my app data using ChaCha20 and I didn't find other serious high level crypto library in PHP that would do this "the good way" (except using AES implementation by defuse but it is faaaar slower that halite symmetric encryption using XSalsa20 (more that 700 times slower) or my modified version using ChaCha20).
As you seem to have knowledge @paragonie-security , do you know if switching from XSalsa20 to ChaCha20 in halite code is as simple as just replacing encrypt / decrypt / generating key / constants for nonces etc, and keep the key derivation & authentication just like it is already coded?
I could perhaps post a PR (which obviously would not be accepted as it is not planned for halite to switch to ChaCha20) in this "issue" in order to better illustrate what I did?
from halite.
Done in #176 :)
from halite.
Related Issues (20)
- getKeyDataFromString hash validation fail HOT 8
- Invalid message authentication code HOT 1
- export/import string Asymmetric-Key Encryption keypair? HOT 3
- password protected secretKey? And: change password without changing publicKey? HOT 2
- What if you already have a RSA 2048 key and you want to use it instead of generating a new key? HOT 2
- Use EC brainpoolP256r1 key for encryption/decryption HOT 6
- Asymmetric authenticated file encryption/decryption HOT 3
- Create a different key pr environment HOT 3
- PHP 8.0 < 8.1 -- real slow due to XChaCha20 polyfill HOT 8
- halite for Python HOT 2
- php opcache.preload won't work because of conditional functions HOT 2
- Decrypting a file to output buffer fails HOT 1
- 'Expected hexadecimal character' exception from $cookie->fetch() after upgrade
- Is there a reason why the result of Symmetric::encrypt() always starts with 'MUIFA'? HOT 1
- Make use of PHP 8.2's #[\SensitiveParameter] to improve security
- Invalid message authentication code HOT 1
- invalid version tag when migrating from halite 4.8.0 to 5.1.0
- Uncaught PHP Exception RangeException: \"Expected hexadecimal character\ on symfony HOT 1
- Question: Can this library be used to decrypt Web Push Notifications from Mastodon?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from halite.