nisse@lysator.liu.se (Niels Möller) writes:
Stefan Bühler nettle-bugs@stbuehler.de writes:
What about:
chacha20_crypt (20 rounds) chacha12_crypt (12 rounds) chacha_set_key128 (128 key bits) chacha_set_key256 (256 key bits) salsa20_set_key128 (128 key bits) salsa20_set_key256 (256 key bits)
My gut feeling is that think putting the number of bits last is too inconsistent with aes128_set_*_key and similar functions.
Opinions?
Imho moving Salsa20/R functions to the ChachaR naming would work too :)
That's one option. What do others think? (We could keep aliases for backwards compatibility, whenever practical).
I don't like it -- as far as I recall, DJB calls the ciphers Salsa20 and ChaCha respectively. When round-specific counts are introduced, the naming is Salsa20/R and ChaChaR respectively. I don't think it is good to move away from the "upstream" naming scheme for a cipher, even if the naming scheme isn't consistent between ciphers.
Of course, the function names can be discussed more than generic naming.
Maybe it would have been better to call the Salsa20 functions 'salsatwenty' instead, so you would have 'salsatwenty128_set_key' or similar, although it is a bit ugly.
Of course, there is nothing preventing use of 'salsa20128_set_key' except that it is difficult to parse if you aren't familiar with terminology. Alternatively, 'salsa20_128_set_key'. I think I prefer one of these variants the most.
/Simon