Score:1

Converting a 32-bit ARX cipher to a 64-bit one, should the rounds be increased?

pf flag

I read about using 64-bit words in PRF functions.

I want to convert the 32-bit ARX cipher Chacha into a 64-bit version, with key/block size of 1024-bits (512*2=1024-bits)

My question is:

Should I add more rounds to achieve similar security?

DannyNiu avatar
vu flag
For ChaCha specifically, there is indeed a 64-bit word variant used in hashing. The hash function is called [BLAKE2](https://datatracker.ietf.org/doc/html/rfc7693), and it does have more rounds than the 32-bit variant.
Fractalice avatar
in flag
You probably might also need to adapt the rotation amounts
Score:6
fr flag

Typically when there's a variant of an ARX algorithm that goes from 32-bit words to 64-bit words, we do increase the rounds. As DannyNu mentioned, BLAKE2 is a variant of ChaCha, and while BLAKE2s (the 32-bit version) uses 10 rounds, while BLAKE2b (the 64-bit version) uses 12 rounds. One round of BLAKE2 is equivalent to two rounds of ChaCha, so we'd likely want to use a 24-round variant of 64-bit ChaCha.

Similarly, SHA-256 and SHA-512 are ARX designs based around a block cipher that's retroactively named SHACAL, and SHA-512 has 80 rounds, whereas SHA-256 has 64. Keccak, which is not an ARX design but works in a somewhat similar way, also has more rounds between its 32-bit and 64-bit variants.

The typical reason we would add rounds in this case is that with more bits, we must do more work to ensure each key bit or input bit has an effect on all of the output bits in the proper way.

How many rounds should be added depends on characteristics of the cipher, like metrics on the avalanche effect and resistance to linear and differential cryptography. If we were designing an algorithm that was a 64-bit variant of ChaCha, we'd investigate these criteria and probably try to extend the best known attacks on ChaCha to our variant to see what the right additional level of rounds would be to have a similar level of security.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.