%% You should probably cite draft-irtf-cfrg-xchacha instead of this I-D.
@techreport{arciszewski-xchacha-03,
    number =    {draft-arciszewski-xchacha-03},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-arciszewski-xchacha/03/},
    author =    {Scott Arciszewski},
    title =     {{XChaCha: eXtended-nonce ChaCha and AEAD\_XChaCha20\_Poly1305}},
    pagetotal = 15,
    year =      2018,
    month =     dec,
    day =       18,
    abstract =  {The eXtended-nonce ChaCha cipher construction (XChaCha) allows for ChaCha-based ciphersuites to accept a 192-bit nonce with similar guarantees to the original construction, except with a much lower probability of nonce misuse occurring. This enables XChaCha constructions to be stateless, while retaining the same security assumptions as ChaCha. This document defines XChaCha20, which uses HChaCha20 to convert the key and part of the nonce into a subkey, which is in turn used with the remainder of the nonce with ChaCha20 to generate a pseudorandom keystream (e.g. for message encryption). This document also defines AEAD\_XChaCha20\_Poly1305, a variant of {[}RFC7539{]} that utilizes the XChaCha20 construction in place of ChaCha20.},
}