{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,10]],"date-time":"2026-06-10T16:10:01Z","timestamp":1781107801007,"version":"3.54.1"},"reference-count":33,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2022,6,17]],"date-time":"2022-06-17T00:00:00Z","timestamp":1655424000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"New Energy and Industrial Technology Development Organization (NEDO)","award":["JPNP16007"],"award-info":[{"award-number":["JPNP16007"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>Transport Layer Security (TLS) provides a secure channel for end-to-end communications in computer networks. The ChaCha20\u2013Poly1305 cipher suite is introduced in TLS 1.3, mitigating the sidechannel attacks in the cipher suites based on the Advanced Encryption Standard (AES). However, the few implementations cannot provide sufficient speed compared to other encryption standards with Authenticated Encryption with Associated Data (AEAD). This paper shows ChaCha20 and Poly1305 primitives. In addition, a compatible ChaCha20\u2013Poly1305 AEAD with TLS 1.3 is implemented with a fault detector to reduce the problems in fragmented blocks. The AEAD implementation reaches 1.4-cycles-per-byte in a standalone core. Additionally, the system implementation presents 11.56-cycles-per-byte in an RISC-V environment using a TileLink bus. The implementation in Xilinx Virtex-7 XC7VX485T Field-Programmable Gate-Array (FPGA) denotes 10,808 Look-Up Tables (LUT) and 3731 Flip-Flops (FFs), represented in 23% and 48% of ChaCha20 and Poly1305, respectively. Finally, the hardware implementation of ChaCha20\u2013Poly1305 AEAD demonstrates the viability of using a different option from the conventional cipher suite based on AES for TLS 1.3.<\/jats:p>","DOI":"10.3390\/cryptography6020030","type":"journal-article","created":{"date-parts":[[2022,6,17]],"date-time":"2022-06-17T05:25:11Z","timestamp":1655443511000},"page":"30","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":35,"title":["ChaCha20\u2013Poly1305 Authenticated Encryption with Additional Data for Transport Layer Security 1.3"],"prefix":"10.3390","volume":"6","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5501-0914","authenticated-orcid":false,"given":"Ronaldo","family":"Serrano","sequence":"first","affiliation":[{"name":"Department of Computer and Network Engineering, The University of Electro-Communications (UEC), Tokyo 182-8585, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3746-8320","authenticated-orcid":false,"given":"Ckristian","family":"Duran","sequence":"additional","affiliation":[{"name":"Department of Computer and Network Engineering, The University of Electro-Communications (UEC), Tokyo 182-8585, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3544-8839","authenticated-orcid":false,"given":"Marco","family":"Sarmiento","sequence":"additional","affiliation":[{"name":"Department of Computer and Network Engineering, The University of Electro-Communications (UEC), Tokyo 182-8585, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5255-4919","authenticated-orcid":false,"given":"Cong-Kha","family":"Pham","sequence":"additional","affiliation":[{"name":"Department of Computer and Network Engineering, The University of Electro-Communications (UEC), Tokyo 182-8585, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4078-0836","authenticated-orcid":false,"given":"Trong-Thuc","family":"Hoang","sequence":"additional","affiliation":[{"name":"Department of Computer and Network Engineering, The University of Electro-Communications (UEC), Tokyo 182-8585, Japan"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2022,6,17]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Lim, J.P., and Nagarakatte, S. (2019, January 16\u201320). Automatic Equivalence Checking for Assembly Implementations of Cryptography Libraries. Proceedings of the IEEE\/ACM International Symposium on Code Generation and Optimization (CGO), Washington, DC, USA.","DOI":"10.1109\/CGO.2019.8661180"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Saraiva, D.A.F., Leithardt, V.R.Q., de Paula, D., Mendes, A.S., Gonz\u00e1lez, G.V., and Crocker, P. (2019). PRISEC: Comparison of Symmetric Key Algorithms for IoT Devices. Sensors, 19.","DOI":"10.3390\/s19194312"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Najm, Z., Jap, D., Jungk, B., Picek, S., and Bhasin, S. (2018, January 26\u201330). On Comparing Side-channel Properties of AES and ChaCha20 on Microcontrollers. Proceedings of the IEEE Asia Pacific Conference on Circuits and Systems (APCCAS), Chengdu, China.","DOI":"10.1109\/APCCAS.2018.8605653"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Rescorla, E. (2022, June 10). The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446, August 2018. Available online: https:\/\/datatracker.ietf.org\/doc\/html\/rfc8446.","DOI":"10.17487\/RFC8446"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Almeida, J.B., Barbosa, M., Barthe, G., Gr\u00e9goire, B., Koutsos, A., Laporte, V., Oliveira, T., and Strub, P.-Y. (2020, January 18\u201321). The Last Mile: High-Assurance and High-Speed Cryptographic Implementations. Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP40000.2020.00028"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"De Santis, F., Schauer, A., and Sigl, G. (2017, January 27\u201331). ChaCha20-Poly1305 Authenticated Encryption for High-speed Embedded IoT Applications. Proceedings of the Design, Automation & Test in Europe Conference Exhibition (DATE), Lausanne, Switzerland.","DOI":"10.23919\/DATE.2017.7927078"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Jungk, B., and Bhasin, S. (2017, January 27\u201331). Do not Fall Into a Trap: Physical Side-channel Analysis of ChaCha20-Poly1305. Proceedings of the Design, Automation & Test in Europe Conference Exhibition (DATE), Lausanne, Switzerland.","DOI":"10.23919\/DATE.2017.7927155"},{"key":"ref_8","unstructured":"Lavaud, A.D., Fournet, C., Kohlweiss, M., Protzenko, J., Rastogi, A., Swamy, N., Beguelin, S.Z., Bhargavan, K., Pan, J., and Zinzindohoue, J.K. (2017, January 22\u201326). Implementing and Proving the TLS 1.3 Record Layer. Proceedings of the IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Islam, M.M., Paul, S., and Haque, M.M. (2017, January 22\u201324). Reducing Network Overhead of IoT DTLS Protocol Employing ChaCha20 and Poly1305. Proceedings of the International Conference of Computer and Information Technology (ICCIT), Dhaka, Bangladesh.","DOI":"10.1109\/ICCITECHN.2017.8281857"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Barthe, G., Cauligi, S., Gr\u00e9goire, B., Koutsos, A., Liao, K., Oliveira, T., Priya, S., Rezk, T., and Schwabe, P. (2021, January 24\u201327). High-Assurance Cryptography in the Spectre Era. Proceedings of the IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA.","DOI":"10.1109\/SP40001.2021.00046"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Sadio, O., Ngom, I., and Lishou, C. (2019, January 22\u201325). Lightweight Security Scheme for MQTT\/MQTT-SN Protocol. Proceedings of the International Conference on Internet of Things: Systems, Management and Security (IOTSMS), Granada, Spain.","DOI":"10.1109\/IOTSMS48152.2019.8939177"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"833","DOI":"10.1109\/OJCAS.2021.3127273","article-title":"ChaCha20-in-Memory for Side-Channel Resistance in IoT Edge-Node Devices","volume":"2","author":"Aamir","year":"2021","journal-title":"IEEE Open J. Circ. Syst."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Pfau, J., Reuter, M., Harbaum, T., Hofmann, K., and Becker, J. (2019, January 3\u20136). A Hardware Perspective on the ChaCha Ciphers: Scalable Chacha8\/12\/20 Implementations Ranging from 476 Slices to Bitrates of 175 Gbit\/s. Proceedings of the IEEE International System-on-Chip Conference (SOCC), Singapore.","DOI":"10.1109\/SOCC46988.2019.1570548289"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Henzen, L., Carbognani, F., Felber, N., and Fichtner, W. (2008, January 7\u20139). VLSI Hardware Evaluation of the Stream Ciphers Salsa20 and ChaCha, and the Compression Function Rumba. Proceedings of the International Conference on Signals, Circuits and Systems (SCS), Monastir, Tunisia.","DOI":"10.1109\/ICSCS.2008.4746906"},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/2930664","article-title":"Fault Detection Architectures for Post-Quantum Cryptographic Stateless Hash-Based Secure Signatures Benchmarked on ASIC","volume":"16","author":"Kermani","year":"2017","journal-title":"ACM Trans. Embed. Comput. Syst."},{"key":"ref_16","first-page":"86","article-title":"High-Throughput Low-Area Hardware Design of Authenticated Encryption with Associated Data Cryptosystem that Uses ChaCha20 and Poly1305","volume":"8","author":"Kanda","year":"2019","journal-title":"Int. J. Recent Technol. Eng."},{"key":"ref_17","unstructured":"Rambus Inc. (2022, June 10). Cipher Accelerators: CHACHA-IP-13 ChaCha20 Accelerators, 2021. Available online: https:\/\/www.rambus.com\/security\/crypto-accelerator-hardware-cores\/basic-crypto-blocks\/chacha-ip-13\/."},{"key":"ref_18","unstructured":"Rambus Inc. (2022, June 10). Hash Accelerators: POLY-IP-53 Poly1305-based MAC Accelerators, 2021. Available online: https:\/\/www.rambus.com\/security\/crypto-accelerator-hardware-cores\/basic-crypto-blocks\/poly-ip-53\/."},{"key":"ref_19","unstructured":"SilexInsight (2022, June 10). ChaCha20-Poly1305 AEAD Crypto Engine, 2021. Available online: https:\/\/www.silexinsight.com\/products\/security\/chacha20-poly1305-ip-core\/."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Serrano, R., Duran, C., Hoang, T.-T., Sarmiento, M., Tsukamoto, A., Suzaki, K., and Pham, C.-K. (2021, January 6\u20139). ChaCha20-Poly1305 Crypto Core Compatible with Transport Layer Security 1.3. Proceedings of the International SoC Design Conference (ISOCC), Jeju Island, Korea.","DOI":"10.1109\/ISOCC53507.2021.9614016"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"1216","DOI":"10.1109\/JIOT.2019.2953715","article-title":"ME-TLS: Middlebox-Enhanced TLS for Internet-of-Things Devices","volume":"7","author":"Li","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_22","unstructured":"W3 Techs (2022, June 10). Usage Statistics of Default Protocol Https for Websites, May 2022. Available online: https:\/\/w3techs.com\/technologies\/details\/ce-httpsdefault."},{"key":"ref_23","unstructured":"Rescorla, E., and Dierks, T. (2022, June 10). The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, August 2008. Available online: https:\/\/datatracker.ietf.org\/doc\/html\/rfc5246."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Rodr\u00edguez, M., Astarloa, A., L\u00e1zaro, J., Bidarte, U., and Jim\u00e9nez, J. (2018, January 14\u201316). System-on-Programmable-Chip AES-GCM implementation for wire-speed cryptography for SAS. Proceedings of the Conference on Design of Circuits and Integrated Systems (DCIS), Lyon, France.","DOI":"10.1109\/DCIS.2018.8681469"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1053","DOI":"10.1109\/TVLSI.2019.2894656","article-title":"Architecture Optimization and Performance Comparison of Nonce-Misuse-Resistant Authenticated Encryption Algorithms","volume":"27","author":"Koteshwara","year":"2019","journal-title":"IEEE Trans. Very Large Scale Integr. (VLSI) Syst."},{"key":"ref_26","unstructured":"Hoang, V.-P., Phan, T.-T.-D., Dao, V.-L., and Pham, C.-K. (2016, January 26\u201328). A compact, ultra-low power AES-CCM IP core for wireless body area networks. Proceedings of the International Conference on Very Large Scale Integration (VLSI-SoC), Tallinn, Estonia."},{"key":"ref_27","unstructured":"Badillo, I.A., Uribe, C.F., Cumplido, R., and Sandoval, M.M. (2008, January 3\u20135). FPGA Implementation and Performance Evaluation of AES-CCM Cores for Wireless Networks. Proceedings of the International Conference on Reconfigurable Computing and FPGAs (ReConFig), Cancun, Mexico."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Nir, Y., and Langley, A. (2022, June 10). ChaCha20 and Poly1305 for IETF Protocols. RFC 8439, June 2018. Available online: https:\/\/datatracker.ietf.org\/doc\/html\/rfc8439.","DOI":"10.17487\/RFC8439"},{"key":"ref_29","unstructured":"Bernstein, D.J. (2008). The Salsa20 Family of Stream Ciphers. New Stream Cipher Designs: The eSTREAM Finalists, Springer."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"46014","DOI":"10.1109\/ACCESS.2022.3169767","article-title":"Trusted Execution Environment Hardware by Isolated Heterogeneous Architecture for Key Scheduling","volume":"10","author":"Hoang","year":"2022","journal-title":"IEEE Access"},{"key":"ref_31","unstructured":"RISC-V Foundation (2022, June 10). Rocket Chip Generator, 2019. Available online: https:\/\/github.com\/chipsalliance\/rocket-chip."},{"key":"ref_32","unstructured":"SiFive, Inc. (2022, June 10). SiFive TileLink Specification, August 2019. Available online: https:\/\/static.dev.sifive.com\/docs\/tilelink\/tilelink-spec-1.7-draft.pdf."},{"key":"ref_33","unstructured":"ARM (2022, June 10). AMBA AXI and ACE Protocol Specification; Jan. 2021. Available online: https:\/\/developer.arm.com\/documentation\/ihi0022\/hc?lang=en."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/6\/2\/30\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T23:33:42Z","timestamp":1760139222000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/6\/2\/30"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,6,17]]},"references-count":33,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,6]]}},"alternative-id":["cryptography6020030"],"URL":"https:\/\/doi.org\/10.3390\/cryptography6020030","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,6,17]]}}}