
Implement seeking for ChaCha20 and Salsa20

Open • PeterReid opened this issue 8 years ago • 1 comment

ChaCha20 and Salsa20 are capable of efficiently moving to any point in their output, but that functionality was not being exposed. This patch introduces a new trait, SeekableStreamCipher, with implementations for those two ciphers.

This exposed a bug in Salsa20: overflow in the least-significant block counter word was not correctly detected. This made all streams wrong after 256 GiB, and an unlucky 1 out of 2^32 streams wrong after 64 bytes.

Issue #156 is related to this.

PeterReid • Oct 03 '15 18:10

> This exposed a bug in Salsa20: overflow in the least-significant block counter word was not correctly detected.

Do you have a test vector for this (preferably one of the shorter ones)?

briansmith • Jun 08 '16 10:06
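
Added example, not part of the original thread and not rust-crypto's code: a minimal Salsa20 block function in Rust showing that a seek to a byte offset and a sequential counter step must agree at the 256 GiB boundary (2^32 blocks of 64 bytes). All function names, the sample key and nonce, and the `next_dropping_carry` variant are constructed for illustration; the variant shows the general failure class and does not reproduce the bug fixed by this patch.

```rust
// Added example (not rust-crypto's code): Salsa20 with its 64-bit block
// counter in state words 8 (low) and 9 (high). Names are illustrative.
const SIGMA: [u32; 4] = [0x6170_7865, 0x3320_646e, 0x7962_2d32, 0x6b20_6574];

fn qr(x: &mut [u32; 16], a: usize, b: usize, c: usize, d: usize) {
    x[b] ^= x[a].wrapping_add(x[d]).rotate_left(7);
    x[c] ^= x[b].wrapping_add(x[a]).rotate_left(9);
    x[d] ^= x[c].wrapping_add(x[b]).rotate_left(13);
    x[a] ^= x[d].wrapping_add(x[c]).rotate_left(18);
}

/// One 64-byte keystream block (as sixteen little-endian words).
fn block(key: &[u32; 8], nonce: &[u32; 2], ctr: (u32, u32)) -> [u32; 16] {
    let s = [SIGMA[0], key[0], key[1], key[2], key[3], SIGMA[1], nonce[0], nonce[1],
             ctr.0, ctr.1, SIGMA[2], key[4], key[5], key[6], key[7], SIGMA[3]];
    let mut x = s;
    for _ in 0..10 {
        qr(&mut x, 0, 4, 8, 12); qr(&mut x, 5, 9, 13, 1);   // column round
        qr(&mut x, 10, 14, 2, 6); qr(&mut x, 15, 3, 7, 11);
        qr(&mut x, 0, 1, 2, 3); qr(&mut x, 5, 6, 7, 4);     // row round
        qr(&mut x, 10, 11, 8, 9); qr(&mut x, 15, 12, 13, 14);
    }
    for i in 0..16 { x[i] = x[i].wrapping_add(s[i]); }
    x
}

/// Seek: byte offset -> (counter words, offset inside that block).
fn seek(byte_offset: u64) -> ((u32, u32), usize) {
    let blk = byte_offset / 64;
    ((blk as u32, (blk >> 32) as u32), (byte_offset % 64) as usize)
}

/// Sequential step: the carry out of the low word must reach the high word.
fn next(ctr: (u32, u32)) -> (u32, u32) {
    let (lo, carry) = ctr.0.overflowing_add(1);
    (lo, ctr.1.wrapping_add(carry as u32))
}

/// Constructed faulty step that drops the carry, for comparison only.
fn next_dropping_carry(ctr: (u32, u32)) -> (u32, u32) {
    (ctr.0.wrapping_add(1), ctr.1)
}

fn main() {
    let (key, nonce) = ([1u32, 2, 3, 4, 5, 6, 7, 8], [9u32, 10]); // constructed sample values
    let (target, _) = seek(1u64 << 38); // first byte past 256 GiB
    println!("carry kept matches seek: {}", block(&key, &nonce, next((u32::MAX, 0))) == block(&key, &nonce, target));
    println!("carry dropped matches seek: {}", block(&key, &nonce, next_dropping_carry((u32::MAX, 0))) == block(&key, &nonce, target));
}
```

With the carry dropped, the counter returns to block 0, so the keystream from the start of the stream is reused. Comparing a seek against sequential stepping across the low-word boundary is a cheap regression check for this class of error.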