diff --git a/core/cipher.go b/core/cipher.go
index 3da49b51..226859bc 100644
--- a/core/cipher.go
+++ b/core/cipher.go
@@ -50,6 +50,7 @@ var streamList = map[string]struct {
 	"AES-192-CFB":   {24, shadowstream.AESCFB},
 	"AES-256-CFB":   {32, shadowstream.AESCFB},
 	"CHACHA20-IETF": {32, shadowstream.Chacha20IETF},
+	"XCHACHA20":     {32, shadowstream.Xchacha20},
 }
 
 // ListCipher returns a list of available cipher names sorted alphabetically.
diff --git a/shadowstream/cipher.go b/shadowstream/cipher.go
index 1ffe1b83..dea233e1 100644
--- a/shadowstream/cipher.go
+++ b/shadowstream/cipher.go
@@ -70,3 +70,22 @@ func Chacha20IETF(key []byte) (Cipher, error) {
 	}
 	return chacha20ietfkey(key), nil
 }
+
+type xchacha20key []byte
+
+func (k xchacha20key) IVSize() int                       { return chacha20.XNonceSize }
+func (k xchacha20key) Decrypter(iv []byte) cipher.Stream { return k.Encrypter(iv) }
+func (k xchacha20key) Encrypter(iv []byte) cipher.Stream {
+	ciph, err := chacha20.NewCipher(k, iv)
+	if err != nil {
+		panic(err) // should never happen
+	}
+	return ciph
+}
+
+func Xchacha20(key []byte) (Cipher, error) {
+	if len(key) != chacha20.KeySize {
+		return nil, KeySizeError(chacha20.KeySize)
+	}
+	return xchacha20key(key), nil
+}