0

Setting all 48 ChaCha state bytes (key, nonce, initial counter) from one result of strong hash function like sha3-384 or blake2b - correct usage? or bad practice?

PS: using original chacha20 (8bytes nonce/8bytes counter) for encrypting one long file or one-way tcp stream, not multiple small files/messages.

Yuri Myakotin
  • 1
  • 2

1 Answers1

1

I assume input to a hash function would be key and nonce.

I think it is ok to hash key and nonce, if you want to use bigger nonce as XChaCha does something similar to extend nonce, but I would keep counter on zero as does XChaCha.

Recommended usage would be to use XChaCha.

LightBit
  • 1,741
  • 14
  • 28