Monocypher

Boring crypto that simply works
CRYPTO_HCHACHA20(3MONOCYPHER) 3MONOCYPHER CRYPTO_HCHACHA20(3MONOCYPHER)

NAME

HChacha20 special-purpose hashing #include <monocypher.h>
void
crypto_hchacha20(uint8_t out[32], const uint8_t key[32], const uint8_t in[16]);

DESCRIPTION

crypto_hchacha20() provides a not-so-cryptographic hash. It may be used for some specific purposes, such as X25519 key derivation, or XChacha20 initialisation. If in doubt, do not use directly. Use crypto_blake2b() instead.
The arguments are:
key
A sufficiently random key, such as the output of crypto_x25519().
in
The space reserved for the Chacha20 nonce and counter. It does not have to be random.
out
A cryptographically secure random number if there is enough entropy in key. X25519 shared secrets have enough entropy.

RETURN VALUES

This function returns nothing.

EXAMPLES

Simple hash:
uint8_t key[32]; /* Must have enough entropy           */ 
uint8_t in [16]; /* Does not have to be random         */ 
uint8_t out[32]; /* Will be random iff the above holds */ 
crypto_hchacha20(out, key, in); 
/* Wipe secrets if they are no longer needed */ 
crypto_wipe(key, 32); 
crypto_wipe(in , 16);

SEE ALSO

crypto_chacha20_encrypt(), crypto_key_exchange(), intro()

STANDARDS

This function implements HChacha20. HChacha20 derives from Chacha20 the same way HSalsa20 derives from Salsa20.

HISTORY

The crypto_hchacha20() function first appeared in Monocypher 0.1 as crypto_chacha20_H(). It was renamed to crypto_hchacha20() in Monocypher 3.0.0.

CAVEATS

This is not a general-purpose cryptographic hash function.
December 12, 2019 Linux 4.15.0-88-generic