diff --git a/shadowsocks-csharp/Data/libcrypto-1_1.dll.gz b/shadowsocks-csharp/Data/libcrypto-1_1.dll.gz
deleted file mode 100644
index ed19e1d1..00000000
Binary files a/shadowsocks-csharp/Data/libcrypto-1_1.dll.gz and /dev/null differ
diff --git a/shadowsocks-csharp/Data/libsscrypto.dll.gz b/shadowsocks-csharp/Data/libsscrypto.dll.gz
index e900a782..ff39152f 100755
Binary files a/shadowsocks-csharp/Data/libsscrypto.dll.gz and b/shadowsocks-csharp/Data/libsscrypto.dll.gz differ
diff --git a/shadowsocks-csharp/Encryption/AEAD/AEADSodiumEncryptor.cs b/shadowsocks-csharp/Encryption/AEAD/AEADSodiumEncryptor.cs
index 75835739..2aa2856f 100644
--- a/shadowsocks-csharp/Encryption/AEAD/AEADSodiumEncryptor.cs
+++ b/shadowsocks-csharp/Encryption/AEAD/AEADSodiumEncryptor.cs
@@ -10,7 +10,8 @@ namespace Shadowsocks.Encryption.AEAD
         : AEADEncryptor, IDisposable
     {
         private const int CIPHER_CHACHA20IETFPOLY1305 = 1;
-        private const int CIPHER_AES256GCM = 2;
+        private const int CIPHER_XCHACHA20IETFPOLY1305 = 2;
+        private const int CIPHER_AES256GCM = 3;
 
         private byte[] _sodiumEncSubkey;
         private byte[] _sodiumDecSubkey;
@@ -25,6 +26,7 @@ namespace Shadowsocks.Encryption.AEAD
         private static readonly Dictionary<string, EncryptorInfo> _ciphers = new Dictionary<string, EncryptorInfo>
         {
             {"chacha20-ietf-poly1305", new EncryptorInfo(32, 32, 12, 16, CIPHER_CHACHA20IETFPOLY1305)},
+            {"xchacha20-ietf-poly1305", new EncryptorInfo(32, 32, 24, 16, CIPHER_XCHACHA20IETFPOLY1305)},
             {"aes-256-gcm", new EncryptorInfo(32, 32, 12, 16, CIPHER_AES256GCM)},
         };
 
@@ -65,6 +67,13 @@ namespace Shadowsocks.Encryption.AEAD
                         null, _encNonce,
                         _sodiumEncSubkey);
                     break;
+                case CIPHER_XCHACHA20IETFPOLY1305:
+                    ret = Sodium.crypto_aead_xchacha20poly1305_ietf_encrypt(ciphertext, ref encClen,
+                        plaintext, (ulong)plen,
+                        null, 0,
+                        null, _encNonce,
+                        _sodiumEncSubkey);
+                    break;
                 case CIPHER_AES256GCM:
                     ret = Sodium.crypto_aead_aes256gcm_encrypt(ciphertext, ref encClen,
                         plaintext, (ulong)plen,
@@ -99,6 +108,13 @@ namespace Shadowsocks.Encryption.AEAD
                         null, 0,
                         _decNonce, _sodiumDecSubkey);
                     break;
+                case CIPHER_XCHACHA20IETFPOLY1305:
+                    ret = Sodium.crypto_aead_xchacha20poly1305_ietf_decrypt(plaintext, ref decPlen,
+                        null,
+                        ciphertext, (ulong)clen,
+                        null, 0,
+                        _decNonce, _sodiumDecSubkey);
+                    break;
                 case CIPHER_AES256GCM:
                     ret = Sodium.crypto_aead_aes256gcm_decrypt(plaintext, ref decPlen,
                         null,
diff --git a/shadowsocks-csharp/Encryption/MbedTLS.cs b/shadowsocks-csharp/Encryption/MbedTLS.cs
index b1d762d0..4e0b76d8 100644
--- a/shadowsocks-csharp/Encryption/MbedTLS.cs
+++ b/shadowsocks-csharp/Encryption/MbedTLS.cs
@@ -34,7 +34,8 @@ namespace Shadowsocks.Encryption
         public static byte[] MD5(byte[] input)
         {
             byte[] output = new byte[16];
-            md5(input, (uint) input.Length, output);
+            if (md5_ret(input, (uint) input.Length, output) != 0)
+                throw new System.Exception("mbedtls: MD5 failure");
             return output;
         }
 
@@ -42,7 +43,7 @@ namespace Shadowsocks.Encryption
         private static extern IntPtr LoadLibrary(string path);
 
         [DllImport(DLLNAME, CallingConvention = CallingConvention.Cdecl)]
-        public static extern void md5(byte[] input, uint ilen, byte[] output);
+        public static extern int md5_ret(byte[] input, uint ilen, byte[] output);
 
         /// <summary>
         /// Get cipher ctx size for unmanaged memory allocation
diff --git a/shadowsocks-csharp/Encryption/OpenSSL.cs b/shadowsocks-csharp/Encryption/OpenSSL.cs
index 1dcd1264..c88404ed 100644
--- a/shadowsocks-csharp/Encryption/OpenSSL.cs
+++ b/shadowsocks-csharp/Encryption/OpenSSL.cs
@@ -13,7 +13,7 @@ namespace Shadowsocks.Encryption
     // XXX: only for OpenSSL 1.1.0 and higher
     public static class OpenSSL
     {
-        private const string DLLNAME = "libcrypto-1_1.dll";
+        private const string DLLNAME = "libsscrypto.dll";
 
         public const int OPENSSL_ENCRYPT = 1;
         public const int OPENSSL_DECRYPT = 0;
@@ -27,7 +27,7 @@ namespace Shadowsocks.Encryption
             string dllPath = Utils.GetTempPath(DLLNAME);
             try
             {
-                FileManager.UncompressFile(dllPath, Resources.libcrypto_1_1_dll);
+                FileManager.UncompressFile(dllPath, Resources.libsscrypto_dll);
             }
             catch (IOException)
             {
diff --git a/shadowsocks-csharp/Encryption/Sodium.cs b/shadowsocks-csharp/Encryption/Sodium.cs
index 8ab29762..66b1abbe 100755
--- a/shadowsocks-csharp/Encryption/Sodium.cs
+++ b/shadowsocks-csharp/Encryption/Sodium.cs
@@ -73,6 +73,14 @@ namespace Shadowsocks.Encryption
         public static extern int crypto_aead_chacha20poly1305_ietf_decrypt(byte[] m, ref ulong mlen_p,
             byte[] nsec, byte[] c, ulong clen, byte[] ad, ulong adlen, byte[] npub, byte[] k);
 
+        [DllImport(DLLNAME, CallingConvention = CallingConvention.Cdecl)]
+        public static extern int crypto_aead_xchacha20poly1305_ietf_encrypt(byte[] c, ref ulong clen_p, byte[] m, ulong mlen,
+            byte[] ad, ulong adlen, byte[] nsec, byte[] npub, byte[] k);
+
+        [DllImport(DLLNAME, CallingConvention = CallingConvention.Cdecl)]
+        public static extern int crypto_aead_xchacha20poly1305_ietf_decrypt(byte[] m, ref ulong mlen_p, byte[] nsec, byte[] c,
+            ulong clen, byte[] ad, ulong adlen, byte[] npub, byte[] k);
+
         [DllImport(DLLNAME, CallingConvention = CallingConvention.Cdecl)]
         public static extern int crypto_aead_aes256gcm_encrypt(byte[] c, ref ulong clen_p, byte[] m, ulong mlen,
             byte[] ad, ulong adlen, byte[] nsec, byte[] npub, byte[] k);
diff --git a/shadowsocks-csharp/Properties/Resources.Designer.cs b/shadowsocks-csharp/Properties/Resources.Designer.cs
index 00c41ddf..d64dd2f7 100644
--- a/shadowsocks-csharp/Properties/Resources.Designer.cs
+++ b/shadowsocks-csharp/Properties/Resources.Designer.cs
@@ -100,16 +100,6 @@ namespace Shadowsocks.Properties {
             }
         }
         
-        /// <summary>
-        ///   查找 System.Byte[] 类型的本地化资源。
-        /// </summary>
-        internal static byte[] libcrypto_1_1_dll {
-            get {
-                object obj = ResourceManager.GetObject("libcrypto_1_1_dll", resourceCulture);
-                return ((byte[])(obj));
-            }
-        }
-        
         /// <summary>
         ///   查找 System.Byte[] 类型的本地化资源。
         /// </summary>
diff --git a/shadowsocks-csharp/Properties/Resources.resx b/shadowsocks-csharp/Properties/Resources.resx
index 616d7612..79d005ef 100755
--- a/shadowsocks-csharp/Properties/Resources.resx
+++ b/shadowsocks-csharp/Properties/Resources.resx
@@ -124,11 +124,8 @@
   <data name="ja" type="System.Resources.ResXFileRef, System.Windows.Forms">
     <value>..\Data\ja.txt;System.String, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089;utf-8</value>
   </data>
-  <data name="libcrypto_1_1_dll" type="System.Resources.ResXFileRef, System.Windows.Forms">
-    <value>..\Data\libcrypto-1_1.dll.gz;System.Byte[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
-  </data>
   <data name="libsscrypto_dll" type="System.Resources.ResXFileRef, System.Windows.Forms">
-    <value>..\data\libsscrypto.dll.gz;System.Byte[], mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+    <value>..\Data\libsscrypto.dll.gz;System.Byte[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
   </data>
   <data name="mgwz_dll" type="System.Resources.ResXFileRef, System.Windows.Forms">
     <value>..\data\mgwz.dll.gz;System.Byte[], mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
diff --git a/shadowsocks-csharp/View/ConfigForm.Designer.cs b/shadowsocks-csharp/View/ConfigForm.Designer.cs
index 32a89bda..fc0038e3 100755
--- a/shadowsocks-csharp/View/ConfigForm.Designer.cs
+++ b/shadowsocks-csharp/View/ConfigForm.Designer.cs
@@ -252,7 +252,8 @@
             "aes-128-gcm",
             "aes-192-gcm",
             "aes-256-gcm",
-            "chacha20-ietf-poly1305"});
+            "chacha20-ietf-poly1305",
+            "xchacha20-ietf-poly1305"});
             this.EncryptionSelect.Location = new System.Drawing.Point(101, 109);
             this.EncryptionSelect.Name = "EncryptionSelect";
             this.EncryptionSelect.Size = new System.Drawing.Size(160, 20);
diff --git a/shadowsocks-csharp/shadowsocks-csharp.csproj b/shadowsocks-csharp/shadowsocks-csharp.csproj
index d9d4b80f..ba69a6af 100644
--- a/shadowsocks-csharp/shadowsocks-csharp.csproj
+++ b/shadowsocks-csharp/shadowsocks-csharp.csproj
@@ -253,7 +253,6 @@
       <SubType>Designer</SubType>
     </None>
     <None Include="Data\abp.js.gz" />
-    <None Include="Data\libcrypto-1_1.dll.gz" />
     <None Include="Data\libsscrypto.dll.gz" />
     <None Include="Data\mgwz.dll.gz" />
     <None Include="Data\privoxy.exe.gz" />