[Cfrg] [Errata Verified] RFC7539 (4858)

RFC Errata System <rfc-editor@rfc-editor.org> Sun, 13 November 2016 07:06 UTC

Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 58CC11296C0; Sat, 12 Nov 2016 23:06:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.699
X-Spam-Level:
X-Spam-Status: No, score=-105.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-1.497, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, USER_IN_WHITELIST=-100] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RBHdxw27lMRG; Sat, 12 Nov 2016 23:06:27 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 200D31294AB; Sat, 12 Nov 2016 23:06:27 -0800 (PST)
Received: by rfc-editor.org (Postfix, from userid 30) id E97AFB8029A; Sat, 12 Nov 2016 23:06:26 -0800 (PST)
To: timm.korte@escrypt.com, ynir.ietf@gmail.com, agl@google.com
X-PHP-Originating-Script: 30:errata_mail_lib.php
From: RFC Errata System <rfc-editor@rfc-editor.org>
Message-Id: <20161113070626.E97AFB8029A@rfc-editor.org>
Date: Sat, 12 Nov 2016 23:06:26 -0800 (PST)
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/1d7Gy-TceK_E_ENhSAYlZiqlztM>
Cc: rfc-editor@rfc-editor.org, cfrg@irtf.org, irtf-chair@irtf.org, irsg@irtf.org
Subject: [Cfrg] [Errata Verified] RFC7539 (4858)
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Nov 2016 07:06:28 -0000

The following errata report has been verified for RFC7539,
"ChaCha20 and Poly1305 for IETF Protocols". 

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=7539&eid=4858

--------------------------------------
Status: Verified
Type: Technical

Reported by: Timm Korte <timm.korte@escrypt.com>
Date Reported: 2016-11-10
Verified by: Lars Eggert (IRSG)

Section: 2.8.

Original Text
-------------
 1.  The amount of encrypted data possible in a single invocation is
     2^32-1 blocks of 64 bytes each, because of the size of the block
     counter field in the ChaCha20 block function.  This gives a total
     of 247,877,906,880 bytes, or nearly 256 GB.

Corrected Text
--------------
 1.  The amount of encrypted data possible in a single invocation is
     2^32-1 blocks of 64 bytes each, because of the size of the block
     counter field in the ChaCha20 block function.  This gives a total
     of 274,877,906,880 bytes, or nearly 256 GB.

Notes
-----
There is an error in the result of the P_MAX = ((2^32) - 1) * 64  calculation.
The correct value is 2_74_,877,906,880 while the document states 2_47_,877,906,880.
This error has already been adopted by multiple implementations as P_MAX value.

--------------------------------------
RFC7539 (draft-irtf-cfrg-chacha20-poly1305-10)
--------------------------------------
Title               : ChaCha20 and Poly1305 for IETF Protocols
Publication Date    : May 2015
Author(s)           : Y. Nir, A. Langley
Category            : INFORMATIONAL
Source              : Crypto Forum Research Group
Area                : N/A
Stream              : IRTF
Verifying Party     : IRSG