nordpass logo

XChaCha20 Encryption vs AES-256: What’s the Difference?

Egle Grasys
Content Writer

Encryption is the foundation of online data security. It closes off confidential information from outsiders and ensures that only the owner and intended recipient can see it. This article will give you a glimpse into two leading encryption algorithms - XChaCha20 and AES-256. Read on to learn how they work, how they differ, and which is better.

What is AES Encryption?

AES is a type of symmetric encryption (meaning that a single encryption key is used to encrypt and decrypt the data). It has become the most popular type of encryption used even by the US government.

How Does AES Encryption Work?

AES uses a block cipher to encrypt data. It divides a given set of information into blocks of 128 bits (or 16 bytes) and encrypts each block separately. While the block size is always the same, the key length varies. Currently, AES comes in 128, 192, or 256 bit encryption. The more bits, the more possible key combinations and, therefore, the more secure the encryption.

One round of encryption consists of 4 steps, and each data block goes through several rounds of encryption. For instance, AES 256-bit encrypted text goes through 14 rounds of encryption. Once the encryption process is done, it can be securely sent over the web, and only those who have access to the encryption key will be able to decrypt and access the data. Otherwise, the encrypted data is completely useless.

What is XChaCha20 Encryption?

XChaCha20 is a 256-bit stream encryption type. Like AES, it is symmetric and uses a single key to scramble and unscramble data. (Although there’s also an asymmetric version of it).

So what exactly does “stream” encryption mean? Well, instead of dividing data into blocks, XChaCha20 ciphers each bit of data separately. This makes the process much quicker and less complex than with AES. Some argue that this makes XChaCha20 a better choice than AES, but let’s take a closer look at the two in the following section.

Difference Between XChaCha20 Encryption and AES

In the table below, you can see a breakdown of the differences between the two types of encryption:

128, 192 or 256 bits
256 bits
Block cipher
Stream cipher
Prone to human error
Not as prone to human error
Requires hardware
Does not require hardware
Can be slow

For the sake of simplicity, we’ll compare the 256-bit versions of both encryption algorithms. The long encryption keys no doubt make both of these very sturdy sets of encryption. They’re both better in terms of security than any of their counterparts that use shorter encryption keys. However, there’s much more to encryption than key length.

The main difference between AES-256 and XChaCha20 encryption is that AES-256 is a block cipher, whereas XChaCha20 is a stream cipher. Also, AES encryption has built up quite a reputation (hence why it’s called the “advanced encryption standard”), while XChaCha20 is still fairly new.

However, the process of AES-256 encryption is a bit more complex than that of XChaCha20, which comes with several drawbacks:

  1. The more complex the algorithm, the more likely someone is to mess the process up and put data at risk.

  2. AES-256 requires special hardware acceleration to run smoothly, while XChaCha20 runs perfectly fine on software. For instance, Intel, AMD and newer generations of ARM processors support AES. Whereas, older generation processors usually installed on entry-level Android devices such as Android Go phones, smart TVs, smartwatches don't have built-in hardware acceleration support for AES encryption.

  3. Without special hardware, AES-256 can be several times slower than XChaCha20.

Which is better?

Well, both have their pros and cons. However, the speed and simplicity of XChaCha20 and the fact that it doesn’t need any hardware to run smoothly are swaying more and more companies (even Google!) to choose it over AES.

Here at NordPass, we recognize the need to stay ahead of the market and offer our customers only the best technological solutions. That’s why we’ve chosen to use XChaCha20 encryption for our password manager. It’s more than likely that even more companies will follow suit in the future.

Bottom line

Both AES-256 and XChaCha20 do a great job at ciphering and securing data. However, XChaCha20 clearly has its advantages over AES in terms of simplicity and speed.

Subscribe to NordPass news