[CFRG] [Technical Errata Reported] RFC8439 (7880)

RFC Errata System <rfc-editor@rfc-editor.org> Wed, 03 April 2024 11:23 UTC

To: ynir.ietf@gmail.com, agl@google.com, irsg@irtf.org, cfrg@irtf.org
From: RFC Errata System <rfc-editor@rfc-editor.org>
Cc: v@njh.eu, rfc-editor@rfc-editor.org
Content-Type: text/plain; charset="UTF-8"
Message-Id: <20240403112336.1D8B04C290@rfcpa.amsl.com>
Date: Wed, 03 Apr 2024 04:23:36 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/XPHUjFaPPVIwVABmGAMkIvccBRw>
Subject: [CFRG] [Technical Errata Reported] RFC8439 (7880)

The following errata report has been submitted for RFC8439,
"ChaCha20 and Poly1305 for IETF Protocols".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid7880

--------------------------------------
Type: Technical
Reported by: Volker Diels-Grabsch <v@njh.eu>

Section: 2.4.1

Original Text
-------------
encrypted_message |= (block^key_stream)[0..len(plaintext)%64]


Corrected Text
--------------
encrypted_message |= (block^key_stream)[0..(len(plaintext)%64)-1]

Notes
-----
If the plaintext size is not a multiple of 64 bytes, there is an off-by-one error in appending the final block of the encrypted message. In the original version, the encrypted message would always be one byte larger than the plaintext.

The corrected version ensures that the encrypted message size is always equal to the plaintext size.

For completeness: If the plaintext size is a multiple of 64 bytes, the second part of the code is skipped. Hence, this off-by-one error is not triggered in that specific case.

(Non-)relation to correction 5989: The "original text", as quoted here, assumes that correction 5989 has already been applied. Correction 5989 deals with a different issue of this line of code, namely, the replacement of "+=" by "|=". This is completely orthogonal to the off-by-one error described here.

Instructions:
-------------
This erratum is currently posted as "Reported". (If it is spam, it 
will be removed shortly by the RFC Production Center.) Please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party  
will log in to change the status and edit the report, if necessary.

--------------------------------------
RFC8439 (draft-nir-cfrg-rfc7539bis-04)
--------------------------------------
Title               : ChaCha20 and Poly1305 for IETF Protocols
Publication Date    : June 2018
Author(s)           : Y. Nir, A. Langley
Category            : INFORMATIONAL
Source              : Crypto Forum Research Group
Stream              : IRTF
Verifying Party     : IRSG
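
Added worked example (editor's code, not part of the erratum or of RFC 8439's own text). It implements the Section 2.3 block function and the Section 2.4.1 encryption pseudocode in Python, reading the RFC's `x[a..b]` as an inclusive range exactly as the RFC's own `plaintext[(j*64) .. (j*64+63)]` requires, so that the original `[0..len(plaintext)%64]` bound and the corrected `[0..(len(plaintext)%64)-1]` bound can be run side by side. The `apply_erratum_7880` flag, the `_slice_inclusive` and `_xor_into_keystream` helpers are this example's own names; modelling `block ^ key_stream` for a short final block as a fixed 64-byte buffer whose unused tail is raw keystream is an assumption (it is what a C implementation with a 64-byte scratch buffer would do, and it is what makes the extra byte visible). Key, nonces, plaintext and ciphertext are the test vectors from RFC 8439 Sections 2.3.2 and 2.4.2.

```python
import struct

MASK32 = 0xFFFFFFFF


def _rotl32(v, c):
    return ((v << c) & MASK32) | (v >> (32 - c))


def _quarter_round(s, a, b, c, d):
    # RFC 8439 Section 2.1 quarter round on state words a, b, c, d.
    s[a] = (s[a] + s[b]) & MASK32; s[d] ^= s[a]; s[d] = _rotl32(s[d], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] ^= s[c]; s[b] = _rotl32(s[b], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] ^= s[a]; s[d] = _rotl32(s[d], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] ^= s[c]; s[b] = _rotl32(s[b], 7)


def chacha20_block(key, counter, nonce):
    """RFC 8439 Section 2.3 block function: 64 bytes of keystream."""
    state = [0x61707865, 0x3320646E, 0x79622D32, 0x6B206574]
    state += list(struct.unpack("<8L", key))      # 256-bit key, little-endian words
    state.append(counter & MASK32)                 # 32-bit block counter
    state += list(struct.unpack("<3L", nonce))    # 96-bit nonce
    working = state[:]
    for _ in range(10):                            # 10 double rounds = 20 rounds
        _quarter_round(working, 0, 4, 8, 12)       # column rounds
        _quarter_round(working, 1, 5, 9, 13)
        _quarter_round(working, 2, 6, 10, 14)
        _quarter_round(working, 3, 7, 11, 15)
        _quarter_round(working, 0, 5, 10, 15)      # diagonal rounds
        _quarter_round(working, 1, 6, 11, 12)
        _quarter_round(working, 2, 7, 8, 13)
        _quarter_round(working, 3, 4, 9, 14)
    return struct.pack("<16L", *[(w + s) & MASK32 for w, s in zip(working, state)])


def _slice_inclusive(data, lo, hi):
    """The RFC's x[lo..hi] notation is inclusive on both ends (cf. plaintext[(j*64)..(j*64+63)])."""
    return data[lo:hi + 1]


def _xor_into_keystream(block, key_stream):
    # Assumption (this example's model): 'block ^ key_stream' for a block shorter
    # than 64 bytes XORs the overlap and leaves the tail of the 64-byte keystream
    # untouched, as a fixed-size scratch buffer would.
    out = bytearray(key_stream)
    for i, p in enumerate(block):
        out[i] ^= p
    return bytes(out)


def chacha20_encrypt(key, counter, nonce, plaintext, apply_erratum_7880=True):
    """Section 2.4.1 pseudocode, with the final-block bound selectable."""
    encrypted_message = b""
    full_blocks = len(plaintext) // 64
    for j in range(full_blocks):
        key_stream = chacha20_block(key, counter + j, nonce)
        block = _slice_inclusive(plaintext, j * 64, j * 64 + 63)
        encrypted_message += _xor_into_keystream(block, key_stream)
    rem = len(plaintext) % 64
    if rem != 0:
        j = full_blocks
        key_stream = chacha20_block(key, counter + j, nonce)
        block = _slice_inclusive(plaintext, j * 64, len(plaintext) - 1)
        # Original text: [0..rem] -> rem+1 bytes. Erratum 7880: [0..rem-1] -> rem bytes.
        hi = rem - 1 if apply_erratum_7880 else rem
        encrypted_message += _slice_inclusive(_xor_into_keystream(block, key_stream), 0, hi)
    return encrypted_message


# Test vectors from RFC 8439 (Section 2.3.2 block function, Section 2.4.2 encryption).
KEY = bytes(range(32))
BLOCK_NONCE = bytes.fromhex("000000090000004a00000000")
ENC_NONCE = bytes.fromhex("000000000000004a00000000")
PLAINTEXT = (b"Ladies and Gentlemen of the class of '99: If I could offer you "
             b"only one tip for the future, sunscreen would be it.")
EXPECTED_CIPHERTEXT = bytes.fromhex(
    "6e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0b"
    "f91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d8"
    "07ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab7793736"
    "5af90bbf74a35be6b40b8eedf2785e42874d")


def extra_byte_of_original_text():
    """The one surplus byte the original bound appends: raw keystream of the last block."""
    buggy = chacha20_encrypt(KEY, 1, ENC_NONCE, PLAINTEXT, apply_erratum_7880=False)
    return buggy[len(PLAINTEXT)]


if __name__ == "__main__":
    assert chacha20_block(KEY, 1, BLOCK_NONCE)[:16] == bytes.fromhex("10f1e7e4d13b5915500fdd1fa32071c4")
    fixed = chacha20_encrypt(KEY, 1, ENC_NONCE, PLAINTEXT)
    buggy = chacha20_encrypt(KEY, 1, ENC_NONCE, PLAINTEXT, apply_erratum_7880=False)
    print("plaintext:", len(PLAINTEXT), "corrected:", len(fixed), "original text:", len(buggy))
    print("ciphertext matches RFC 8439 2.4.2:", fixed == EXPECTED_CIPHERTEXT)
```

Running it shows the 114-byte Section 2.4.2 plaintext (114 % 64 = 50, so the second branch runs) producing the RFC's 114-byte ciphertext under the corrected bound and a 115-byte string under the original bound, whose last byte is byte 50 of the counter-2 keystream block, i.e. a keystream byte sent in the clear; for a 64-byte plaintext both bounds give 64 bytes, as the report notes.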