ChaCha20 & Poly1305

The SharkSSL(TM) SSL/TLS stack has adopted support for ChaCha20 and Poly1305. Our assembler optimized ChaCha20 cipher and Poly1305 hashing algorithms are blazing fast and performance comparable to AES-GCM (with) Hardware Assisted Acceleration.

ChaCha20 and Poly1305 is particularly well suited for securing small embedded devices that need to preserve memory, footprint, and maintain performance with the least amount of encumbrance, by cutting down on the amount of time spent encrypting and decrypting data.

The new alternative provides a path for low-cost device manufacturers to negotiate an ECC certificate exchange in the realm of a 20Kb footprint with use of approximately 6Kb RAM, which is phenomenally small when comparing to other methods of exchange.

ChaCha20 is a symmetric stream cipher and Poly1305 is a complementary hash which utilizes the (fingerprint) method. The new algorithm primitives, created by Prof. Dan Bernstein from the University of Illinois at Chicago, have been industry vetted and adopted this year (2014) by major browsers such as Google Chrome and Opera.

The turn-key addition of ChaCha20_Poly1305 complements the existing Cryptography Technologies, Elliptic Curves and Suite-B solution offered by SharkSSL and is also available stand-alone within the RayCrypto(TM) Cipher Suite.

ChaCha20 & Poly1305 in Action

The illustration to the right provides a verified secure connection, including information about the specific security features used for the connection session.

The Google Chrome browser is used to view pages provided by the M2M LED WebSocket server demonstration program, which in turn is running on a Renesas RX (YRDKRX63N) embedded evaluation board.

Note that ChaCha20/ Poly1305 is selected by default as the favored strongest symmetric encryption option available to both browser and device server.

The Chrome or Opera browsers offer full support for ChaCha20 and Poly1305, which allows for immediate testing and development of the latest in cipher/hash algorithm technology.

Direct Viewing is powered by the Barracuda Application Server technology, which in turn utilizes SharkSSL for superior performance and reliance in a secure communications.

Right click the green padlock located in the address space and select the Connection tab to display the Security details.

Posted in News by bd