What this tool is good for
ChaCha20 is a modern stream cipher designed by Daniel J. Bernstein. It is derived from Salsa20 and is known for strong diffusion and practical performance.
This page lets you encrypt and decrypt payloads with ChaCha20 using UTF-8, Base64, or Hex inputs, which is useful for protocol debugging and implementation checks.
Key and nonce requirements
- The key must be 32 bytes long.
- The nonce must be either 8 bytes or 12 bytes long.
- Input, key, and nonce can each be provided as UTF-8, Base64, or Hex.
- A nonce must not be reused with the same key, because nonce reuse breaks ChaCha20 confidentiality guarantees.
How to use it
- Enter the plaintext or ciphertext and choose its encoding.
- Provide the key and nonce with the correct byte length.
- Choose the output encoding and run encryption or decryption.
- Use the random-fill shortcut when you need quick test values for key and nonce, but follow your upstream system's nonce generation rules for real integrations.
Practical notes
- ChaCha20 provides encryption, but it does not by itself authenticate the ciphertext or associated metadata.
- If a protocol expects authenticated encryption, use the exact construction required by that protocol instead of assuming raw ChaCha20 is sufficient.
Related tools
- Symmetric Encrypt/Decrypt:Encrypt and decrypt with AES, TripleDES, Rabbit, and RC4