ChaCha20 (Modern Stream Cipher)

A fast, modern stream cipher designed to be simple and resistant to timing attacks.

Difficulty: Intermediate

How it works

  1. ChaCha20 takes a 256-bit key, a 96-bit nonce and a 32-bit block counter. It produces a pseudorandom keystream in 512-bit blocks.
  2. Internally it uses repeated rounds of an “add-rotate-xor” (ARX) function on a 4×4 matrix of 32-bit words. These operations are fast and constant-time on typical CPUs.
  3. To encrypt, you XOR the keystream with your plaintext. To decrypt, you XOR the same keystream with the ciphertext.
  4. ChaCha20 is often combined with the Poly1305 message authentication code to create ChaCha20-Poly1305, an authenticated encryption scheme used in TLS and SSH.
  5. When you choose ChaCha20 in a library, you usually do not manipulate the math directly – you provide a key and nonce and let the library generate the keystream securely.
Press Shift + Enter

What is it?

ChaCha20 is a modern, high-performance stream cipher developed by Daniel J. Bernstein. Designed as a modification of his earlier Salsa20 cipher, ChaCha20 increases diffusion per round to achieve better security without sacrificing speed. Unlike older ciphers that suffer performance hits on mobile devices without dedicated hardware acceleration, ChaCha20 is extremely fast in software alone. It has become the gold standard for software-based stream encryption, widely adopted by Google, OpenSSH, and the TLS 1.3 protocol.

Try it yourself

Can you decrypt this challenge?

VHVY GUVF ZRNGL (example ciphertext)

Where this shows up today

To provide a secure, software-optimized alternative to AES that is immune to timing attacks.