Simple, Secure and Fast encryption for any CPU.

ChaCha12-BLAKE3 is a secure Authenticated Encryption with Associated Data (AEAD) algorithm that is:

• more secure than classic AEADs by providing message commitment
• uses long nonces that can safely generated randomly
• doesn't require any specific harware instruction but instead scales with the width of the SIMD instructions of your CPU (AVX2 / AVX-512 on amd64 and NEON / SVE on amr64)

Making it a great fit for everything from microcontrollers to huge servers.

It was designed to be the only encryption algorithm you will ever need.

⚠️ Warning ⚠️: This is a preliminary release, DO NOT USE IN PRODUCTION. The specification may change in the near future.

https://kerkour.com/chacha12-blake3

Warning ⚠️: A (key, nonce) pair SHOULD NEVER be used to encrypt two messages. You can use either the same key with unique random nonces, an unique key with random or fixed nonces, or the same key with a NON-REPEATING counter in the first X bytes of the nonce. See the specification to learn how much data you can safely encrypt.

Cargo.toml

[dependencies]
chacha12-blake3 = "0.9"

use chacha12_blake3::ChaCha12Blake3;

fn main() {
    // OD NOT USE A ALL-ZERO KEY / NONCE, THIS CODE IS FOR DEMONSTRATION ONLY
    let key = [0u8; 32];
    let nonce = [0u8; 32];
    // or with an u64 counter to encrypt up to 2^64 messages with a single key:
    // let mut nonce = [0u8; 32];
    // nonce[..8].copy_from_slice(&counter.to_le_bytes());

    let message = b"Hello World!";

    let cipher = ChaCha12Blake3::new(key);

    let ciphertext: Vec<u8> = cipher.encrypt(&nonce, message, &[]);

    let plaintext: Vec<u8> = cipher.decrypt(&nonce, &ciphertext, &[]).unwrap();

    assert_eq!(plaintext, message);
}

MIT. See LICENSE.txt