Salsa20 Stream Cipher 32-bit Based Pseudorandom Function

Salsa20 Stream Cipher 32-bit Based Pseudorandom Function


Category: Crypto Core

Created: July 19, 2012

Updated: January 27, 2020

Language: VHDL

Other project properties

WishBone compliant: No

WishBone version: n/a

License: LGPL


Salsa20 stream cipher is built on a pseudorandom function based on 32-bit addition, bitwise addition (XOR) and rotation operations, which maps a 256-bit key, a 64-bit nonce (number used once), and a 64-bit stream position to a 512-bit output. It has advantage that the user can efficiently seek to any position in the output stream.


The target device for implementation was Cyclone 3 from Altera (EP3C120). The motivation for these was to have nonce-based PRSequence generator - proof of concept. It was intended to be used with 120MHz clock. It finally can run up to more than 150MHz, according to TimeQuest reports. It has not been tested in FPGA. Our application did not require performance, so it is not optimized for this purpose. It will give you estimately a bit more than 5 bits of PRS per cycle, in chunks of 512 bits every 86 cycles. It uses about 3% of logic elements and nothing more.