The 2018 International Symposium on Information Theory and Its Applications (ISITA2018)
Revisited Diffusion Analysis of Salsa and ChaCha
Yusuke MATSUOKA, Atsuko MIYAJI,
Both ChaCha and AES are standardized as symmetric ciphers in TLS 1.3; AES is a block cipher, whereas ChaCha is a stream cipher. The security of AES has been studied by many researchers. ChaCha, however, needs more security analysis because it has been proposed more recently, compared with AES. Furthermore, ChaCha is improved from Salsa from the point of view of diffusion and thus, diffusion analysis of Salsa and ChaCha is important to understand their security-design criteria. In this study, we revisit diffusion analysis and investigate weak bits and weak columns of Salsa and ChaCha. To the authors’knowledge, this is the first detailed diffusion analysis of Salsa and ChaCha.