Salsa20 Encryption

About Salsa20 Encryption

Salsa20 is a stream cipher designed by Daniel J. Bernstein in 2005. It is part of the eSTREAM portfolio of recommended stream ciphers and has been widely adopted for its security and performance characteristics.

Key Features:

• Stream Cipher: Salsa20 generates a keystream that is XORed with the plaintext to produce ciphertext.
• Key Sizes: Supports 128-bit and 256-bit keys.
• Nonce: Uses an 8-byte (64-bit) nonce, allowing up to 2^64 different keystreams from a single key.
• Performance: Designed for high speed in software implementations, particularly on modern processors.
• Security: No practical cryptanalytic attacks have been found against the full 20-round version.
• Variants: Includes Salsa20/8 and Salsa20/12 with fewer rounds for higher performance, and XSalsa20 with an extended 192-bit nonce.

How Salsa20 Works:

1. Salsa20 uses a simple core function that transforms a 64-byte block using a series of addition, XOR, and rotation operations.
2. The core function is applied to a block containing the key, nonce, and a counter.
3. The result is XORed with the plaintext to produce ciphertext (or with ciphertext to produce plaintext).
4. The counter is incremented for each block, ensuring that each block uses a different keystream.

Advantages of Salsa20:

• Speed: Very fast in software, especially on modern processors.
• Simplicity: Clean design with no complex S-boxes or lookup tables.
• Resistance to Side-Channel Attacks: Constant-time implementation is straightforward.
• No Patent Restrictions: Free to use in any application.
• Parallelizable: Can encrypt/decrypt multiple blocks in parallel.

XSalsa20:

XSalsa20 is an extended version of Salsa20 that uses a 192-bit nonce instead of the original 64-bit nonce. This allows for a much larger number of different keystreams from a single key, making it suitable for applications where nonce reuse is a concern.