Ask HN: LibreSSL symmetric encryption using ChaCha20 (openssl -enc)
Seems you can use command line option "openssl -enc -cipher chacha" with LibreSSL for file encryption however the documentation doesn't mention this as a supported cipher. Is it insanity to use a stream cipher for data at rest or should I stick to what the manpage for Libre/OpenSSL recommends which is "a strong block cipher in CBC mode such as bf or des3".
2 comments
[ 0.75 ms ] story [ 11.6 ms ] threadAn example is using dm-crypt and LUKS. If you don't want to have a dedicated encrypted partition, you can mount a file with a loop device. For example, see it here:
https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_a_n...
It will use AES by default in XTS mode. (the default was changed because of CBC malleability attacks).
Anyway, compared to AES, ChaCha is simpler, don't suffer from timing attacks, and don't require a mode of operation. There's nothing wrong with using it for data at rest.
Went through the Salsa20/ChaCha djb pages to see it doesn't use modes, and LibreSSL source for e_chacha/e_chacha20poly1305.c indicates a 2TB limit but would never come close to encrypting anything that large as that's why we have Tarsnap backups. Reasons I eyed the AEAD stream cipher for file encryption was because how crazy fast it was during tests and the small size of the output, just was wondering about any potential 'gotchas' I wouldn't know about since I'm no expert on crypto hashing/file encryption.