Module: Nuckle::Chacha20Blake3

Defined in:
lib/nuckle/chacha20_blake3.rb

Overview

ChaCha20-BLAKE3 authenticated encryption with associated data (AEAD).

Wire-compatible with the ‘chacha20-blake3` Rust crate (github.com/skerkour/chacha20-blake3). Given a 32-byte master key and a 24-byte nonce:

  1. BLAKE3-keyed(master_key) absorbing the nonce, then XOF-extracting 72 bytes, splits into (encryption_key, authentication_key, chacha20_nonce) of sizes (32, 32, 8).

  2. Encrypt plaintext with ChaCha20(encryption_key, chacha20_nonce).

  3. Tag = BLAKE3-keyed(authentication_key) over aad || u64_le(aad.bytesize) || ciphertext || u64_le(ciphertext.bytesize).

  4. Output is ‘ciphertext || tag`.

Defined Under Namespace

Classes: Cipher

Constant Summary collapse

KEYBYTES = 
32
NONCEBYTES = 
24
TAGBYTES = 
32