Re: [Cfrg] Trouble reproducing mulX_POLYVAL() test vector from RFC 8452 Appendix A

Tony Arcieri <bascule@gmail.com> Thu, 05 September 2019 21:22 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/dMFUGrhPi4mxbKFwwZa30S_deO4>

Thanks for confirming. I filed an errata report.

On Thu, Sep 5, 2019 at 2:07 PM Adam Langley <agl@imperialviolet.org> wrote:

> On Thu, Sep 5, 2019 at 1:05 PM Tony Arcieri <bascule@gmail.com> wrote:
>
>> I've been trying to implement mulX_POLYVAL() as described in RFC 8452
>> Appendix A:
>>
>> https://tools.ietf.org/html/rfc8452#appendix-A
>>
>> It says:
>>
>> Given the 16-byte string 01000000000000000000000000000000, [...]
>>
>> mulX_POLYVAL of that string is 02000000000000000000000000000000.
>>
>> As a more general example, given 9c98c04df9387ded828175a92ba652d8, [...]
>> mulX_POLYVAL of it is 3931819bf271fada0503eb52574ca5f2.
>>
>>
>> However, I am getting 3931819bf271fada0503eb52574ca572 (highest bit
>> unset). I'm not sure if it's a problem with my code, or the test vector.
>>
>
> Ah fuck, so do I. Indeed, even if I revert my test code back to the point
> in time when I wrote that, I still get the same answer. I fear that it's a
> transliteration error: I may have been editing the XML on a different
> machine than the one that I had the code on and the '7' looked like an 'f'.
>
> The IETF doesn't fix RFCs, but could you report an errata on it and then I
> think I can mark it verified.
>
>
> Cheers
>
> AGL
>


-- 
Tony Arcieri
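Added example, not code from the thread or from either implementation discussed in it: mulX_POLYVAL written directly from the RFC 8452 Appendix A description, reproducing both Appendix A vectors and isolating the single byte on which the printed second vector and the computed one disagree. The `differing_bytes` helper is my own.

```python
# Added example (not from the thread): mulX_POLYVAL as described in RFC 8452
# Appendix A. POLYVAL elements are 16-byte strings read as little-endian
# 128-bit integers: bit 0 of byte 0 is the coefficient of x^0 and bit 7 of
# byte 15 is the coefficient of x^127.

# Field polynomial x^128 + x^127 + x^126 + x^121 + 1 (RFC 8452, Section 3).
# With the x^128 term dropped, the reduction constant is built from the
# remaining exponents so the bit positions stay explicit: in the little-endian
# encoding this is byte 0 = 0x01 and byte 15 = 0xc2.
POLYVAL_REDUCE = sum(1 << e for e in (127, 126, 121, 0))
MASK128 = (1 << 128) - 1


def mulX_POLYVAL(block: bytes) -> bytes:
    """Multiply a POLYVAL field element by x."""
    if len(block) != 16:
        raise ValueError("POLYVAL elements are exactly 16 bytes")
    v = int.from_bytes(block, "little")
    carry = v >> 127             # the x^127 coefficient becomes x^128 after the shift
    v = (v << 1) & MASK128
    if carry:
        v ^= POLYVAL_REDUCE      # x^128 = x^127 + x^126 + x^121 + 1 (mod P)
    return v.to_bytes(16, "little")


def mulX_POLYVAL_hex(hexstr: str) -> str:
    """Convenience wrapper for the hex-encoded vectors in the RFC."""
    return mulX_POLYVAL(bytes.fromhex(hexstr)).hex()


def differing_bytes(expected_hex: str, actual_hex: str):
    """Byte offsets where two hex-encoded blocks differ, as (offset, expected, actual)."""
    a, b = bytes.fromhex(expected_hex), bytes.fromhex(actual_hex)
    return [(i, x, y) for i, (x, y) in enumerate(zip(a, b)) if x != y]


if __name__ == "__main__":
    # First Appendix A example: 1 * x = x, no reduction.
    print(mulX_POLYVAL_hex("01000000000000000000000000000000"))
    # Second Appendix A example: the RFC prints ...a5f2; computing it gives ...a572.
    got = mulX_POLYVAL_hex("9c98c04df9387ded828175a92ba652d8")
    print(got)
    print(differing_bytes("3931819bf271fada0503eb52574ca5f2", got))
```

The only mismatch is byte 15 (0xf2 printed versus 0x72 computed), which is the single-nibble slip the thread attributes to a transliteration error.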