> ChaCha20 is a stream cipher described in RFC 7539, and is intended to be > an efficient software implementable 'standby cipher', in case AES cannot > be used. That's not quite correct. The IETF changed the algorithm a bit, and its not compatible with Bernstein's ChaCha. They probably should have differentiated the name to avoid this sort of confusion. You can find Bernstein's specification for ChaCha at https://cr.yp.to/chacha.html, and the test vectors for Bernstein's specification at http://tools.ietf.org/html/draft-strombergson-chacha-test-vectors. Jeff -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html