Nikos Mavrogiannopoulos n.mavrogiannopoulos@gmail.com writes:
I tried to use the new stream algorithm salsa20, but noticed that the variant implemented is mentioned neither in the header nor in the documentation.
What's missing, more precisely? E.g., salsa20_crypt is both in the salsa20.h header file and in the Salsa20 section in the manual.
From the code and the previous discussion in the ML I see that the 20 rounds variant is there.
Right, other variants where postponed for lack of clear use cases.
While this is nice, I do think that having the 12 round variant as well is advantageous since this is the variant accepted in profile 1 of estream (http://www.ecrypt.eu.org/stream/).
What name should it use, salsa20_12_crypt? I imagine there are some testvectors somewhere on the ecrypt site?
It should be straightforward to implement on top of _salsa20_core, just like in salsa20-crypt.c. For an all-assembly implementation including the xor:ing, I guess one would want a _salsa20_crypt with an argument specifying number of rounds.
Regards, /Niels