Skip to content

Why dotnet System.Security.Cryptography does not have XChaCha20Poly1305-IETF #117834

Answered by vcsjones
dhgatjeye asked this question in General
Discussion options

You must be logged in to vote

Why dotnet System.Security.Cryptography does not have XChaCha20Poly1305-IETF

For the same reasons as what was outlined in the Argon2 question, except this time even OpenSSL has not implemented it, meaning we have zero implementations we could use.

The next logical follow up question is "Can you implement XChaCha20Poly1305 using ChaCha20Poly1305"

No. Despite the algorithm name similarity, you cannot implement XChaCha20Poly1305 in terms of ChaCha20Poly1305. XChaCha20Poly1305 requires using an internal part of the ChaCha20 cipher to create a primitive called HChaCha20. Plain ChaCha20 does not give us the control over the counter.

Replies: 1 comment

Comment options

You must be logged in to vote
0 replies
Answer selected by dhgatjeye
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
2 participants