Time for a Cha-cha or a Salsa?

WEP (as used in wi-fi) gave stream ciphers a bad name, where it broke virtually every rule in the crypto book, and could be cracked, for the whole network, within just a few hours. But stream ciphers work just as well a block ones and are often much faster. Let’s do some Cha-Cha!

AES … great … but … not perfect!

AES has been shown to be relatively free from any vulnerabilities in its operation, but it does suffer from timing attacks. By listening to the power supply (and using the Keysight capture device), we have shown here that we can crack AES in less than 30 minutes [paper]:

This is because AES has a tell-tail signature in its operation.

Along with this, Google worry that AES has a virtual monopoly on secret key encryption, so what would happen it is was cracked? They thus, in an RFC, propose the usage of a stream cipher known as ChaCha20: