ChaCha is standard enough to make it into TLS and IPSec
So now there's three variants of ChaCha20
* ChaCha20 (256-bit key, 64-bit nonce, 64-bit counter)
* IETF ChaCha20 (256-bit key, 96-bit nonce, 32-bit counter)
* XChaCha20 (256-bit key, 192-bit nonce, 64-bit counter)
It has? With test vectors and all? I want that, do you have a link?
Edit: Shit, considering it further, what I was remembering was the recent paper on BLAKE2X, not XChaCha20.