Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The old ChaCha8, ChaCha12 and ChaCha20 is better then current ChaCha with "Rounds" parameter #800

Closed
asbai opened this issue Feb 12, 2019 · 3 comments
Closed

The old ChaCha8, ChaCha12 and ChaCha20 is better then current ChaCha with "Rounds" parameter #800

asbai opened this issue Feb 12, 2019 · 3 comments

Comments

@asbai
Copy link
Contributor

asbai commented Feb 12, 2019

Crypto++ 8.0 Issue Report

I think the old ChaCha8, ChaCha12 and ChaCha20 is better then current ChaCha with "Rounds" parameter, because:

  1. New API need to setting up the rounds on every key reset. This usage is neither natural nor convenient, since the rounds is itself a fixed part of the algorithm, it is usually not modified when changing the key. In essence, different rounds can actually be seen as completely different algorithms. Setting the number of rounds from 8 to 20 is like switching the encryption algorithm from DES to AES. The new API forces us to remember its rounds and specify it each time we reset the password.

  2. Template parameters are known constants at compile time, and I guess using template parameters allows some compilers to better optimize their generated code.
@noloader
Copy link
Collaborator

noloader commented Feb 12, 2019
edited
Loading

  1. New API need to setting up the rounds on every key reset...

Yeah, that's bullshit. Let me get that fixed.

That's going to affect, Salsa, ChaCha, XChaCha and a few others.

  1. Template parameters are known constants at compile time, and I guess using template parameters allows some compilers to better optimize their generated code.

This does not matter much in practice. I used to favor the consexpr hoping it made a difference. I found the difference won't be measurable or will be trivial under benchmarks.

@asbai
Copy link
Contributor Author

asbai commented Feb 12, 2019

Great, thanks @noloader
:-D

noloader added a commit to noloader/cryptopp that referenced this issue Feb 12, 2019
@noloader
Latch previous ROUNDS in Salsa and ChaCha ciphers (GH weidai11#800)
57e869e
noloader added a commit that referenced this issue Feb 12, 2019
@noloader
Latch previous ROUNDS in Salsa and ChaCha ciphers (GH #800, PR #804)
e499131
@noloader
Copy link
Collaborator

Cleared at Commit e499131ea6ba.

asbai added a commit to asbai/cryptopp that referenced this issue Feb 13, 2019
@asbai
Restore the rounds to a template parameter
22ababb 
weidai11#800
@noloader noloader mentioned this issue Feb 13, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@noloader @asbai