ChaCha20

ChaCha20 is a stream cipher designed by Daniel J. Bernstein as a refinement of Salsa20, released in 2008. It is designed for efficiency on 32-bit architectures and for resistance to timing side channels. ChaCha20 is widely used as the encryption primitive in modern secure communication protocols, often in conjunction with Poly1305 for authentication.

ChaCha20 operates on 32-bit words and uses a 256-bit key, a 96-bit nonce, and a 32-bit block

There are variants with fewer rounds, such as ChaCha20-12 and ChaCha20-8, offering different performance and security

ChaCha20 is commonly used in authenticated encryption with associated data via ChaCha20-Poly1305 (the AEAD construction). This

While considered secure and fast, ChaCha20 requires unique nonces per key; nonce reuse can completely compromise