AURA: Core Algorithms
A deeper look at the cryptographic primitives that power the AURA protocol.
ChaCha20 Stream Cipher
How it Works: ChaCha20 is a stream cipher that generates a long stream of unpredictable, pseudo-random bytes called a "keystream." This keystream is then combined with the plaintext data using a simple XOR operation. The result is an encrypted ciphertext that is the same size as the original data.
Why it was chosen for AURA: While AES is the more famous standard, the ChaCha20 family of ciphers was chosen for several key advantages in this context. It's exceptionally fast in software-only implementations where hardware AES acceleration isn't guaranteed. More importantly, as a stream cipher, it avoids the complexities of block cipher "modes of operation" and "padding," which have historically been a source of implementation errors and security vulnerabilities. Its simplicity leads to a more robust and secure implementation.
HMAC-SHA512
How it Works: An HMAC (Hash-based Message Authentication Code) is a cryptographic signature that provides both integrity (proof the data wasn't changed) and authenticity (proof it came from someone with the key). It works by hashing the message data twice with the secret key in a specific construction, making it resistant to cryptographic attacks that can affect simpler hashed signatures.
Why it was chosen for AURA: Using HMAC with the strong SHA-512 hash function is the standard, time-tested way to ensure authenticity. AURA uses it to create the "cover-binding" AEAD scheme. The HMAC tag is calculated from the encrypted data *and* the pixel data of the cover image, ensuring they are a matched set.
HKDF-SHA512
How it Works: A Key Derivation Function's job is to take one secret (the master key) and generate multiple, cryptographically separate sub-keys from it. HKDF does this via a two-stage "extract-then-expand" process, ensuring that even if one derived sub-key is somehow compromised, it cannot be used to figure out the master key or any other sub-keys.
Why it was chosen for AURA: This is a critical security practice. Instead of re-using the same master key for multiple different jobs, AURA uses HKDF to create unique keys for encryption, for authentication (the HMAC key), and for generating the random pixel path. This prevents unforeseen interactions between the different parts of the protocol.