Re: [Cfrg] Comment draft-irtf-cfrg-xchacha-01

Scott Arciszewski <scott@paragonie.com> Sat, 14 September 2019 09:48 UTC

From: Scott Arciszewski <scott@paragonie.com>
Date: Sat, 14 Sep 2019 05:48:25 -0400
Message-ID: <CAKws9z2=GxJSfgUrbaC8kZ-aZpjEzEO9fjO8uVns5Vf1-4j8QQ@mail.gmail.com>
To: Noah Schwarz <noah.anabiik.schwarz@gmail.com>
Cc: cfrg@irtf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/wmzwforBziPOYG2CAQUDEyuYbfs>

Oh, great catch. I'll be sure to fix this in draft02 (along with updating
the ChaCha20-Poly1305 RFC reference to the updated one).

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>


On Sat, Sep 14, 2019 at 5:39 AM Noah Schwarz <noah.anabiik.schwarz@gmail.com>
wrote:

> Dear CFRG,
>
> Section 2.3.1 XChaCha20 Pseudocode is incorrect regarding the block
> counter.
>
> Currently:
>
> xchacha20_encrypt(key, nonce, plaintext):
>     subkey = hchacha20(key, nonce[0:15])
>     chacha20_nonce = "\x00\x00\x00\x00" + nonce[16:23]
>     blk_ctr = 0
>     return chacha20_encrypt(subkey, chacha20_nonce, plaintext, blk_ctr)
>
> Correction:
>
> xchacha20_encrypt(key, nonce, plaintext, blk_ctr):
>     subkey = hchacha20(key, nonce[0:15])
>     chacha20_nonce = "\x00\x00\x00\x00" + nonce[16:23]
>     return chacha20_encrypt(subkey, chacha20_nonce, plaintext, blk_ctr)
>
> Kind regards,
>
> Noah Anabiik Schwarz
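Added example, not part of this thread or of the draft: a self-contained Python implementation of XChaCha20 in the corrected shape above, where the initial block counter is a parameter of xchacha20_encrypt and is passed straight through to ChaCha20. It builds HChaCha20 (20 rounds, no final state addition, words 0-3 and 12-15 returned) on the same round function as ChaCha20, and it translates the draft's inclusive slices nonce[0:15] / nonce[16:23] into Python's half-open nonce[:16] / nonce[16:24]. The ChaCha20 core is checked against the RFC 8439 block-function and encryption test vectors (RFC 8439 is the update to RFC 7539); the XChaCha20 layer is checked by a round trip and by the counter-offset identity that the blk_ctr parameter exists to provide. Function and variable names are this example's own choices.

```python
"""XChaCha20 with an explicit initial block counter (added example)."""
import struct

_SIGMA = struct.unpack("<4I", b"expand 32-byte k")  # ChaCha constants


def _rotl32(v, c):
    return ((v << c) & 0xffffffff) | (v >> (32 - c))


def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & 0xffffffff; s[d] = _rotl32(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & 0xffffffff; s[b] = _rotl32(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & 0xffffffff; s[d] = _rotl32(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & 0xffffffff; s[b] = _rotl32(s[b] ^ s[c], 7)


def _chacha20_rounds(state):
    """10 double rounds (column + diagonal) over a 16-word state; no final add."""
    s = list(state)
    for _ in range(10):
        _quarter_round(s, 0, 4, 8, 12); _quarter_round(s, 1, 5, 9, 13)
        _quarter_round(s, 2, 6, 10, 14); _quarter_round(s, 3, 7, 11, 15)
        _quarter_round(s, 0, 5, 10, 15); _quarter_round(s, 1, 6, 11, 12)
        _quarter_round(s, 2, 7, 8, 13); _quarter_round(s, 3, 4, 9, 14)
    return s


def chacha20_block(key, counter, nonce):
    """RFC 8439 block function: 32-byte key, 32-bit counter, 12-byte nonce -> 64 bytes."""
    state = (list(_SIGMA) + list(struct.unpack("<8I", key))
             + [counter & 0xffffffff] + list(struct.unpack("<3I", nonce)))
    out = _chacha20_rounds(state)
    return struct.pack("<16I", *((a + b) & 0xffffffff for a, b in zip(out, state)))


def chacha20_encrypt(key, nonce, plaintext, blk_ctr=0):
    """Keystream XOR; block i of the message uses counter blk_ctr + i."""
    out = bytearray()
    for i in range(0, len(plaintext), 64):
        ks = chacha20_block(key, blk_ctr + i // 64, nonce)
        out += bytes(p ^ k for p, k in zip(plaintext[i:i + 64], ks))
    return bytes(out)


def hchacha20(key, nonce16):
    """Subkey derivation: words 12-15 hold the 16-byte nonce (no counter),
    20 rounds, no addition of the initial state, return words 0-3 and 12-15."""
    state = list(_SIGMA) + list(struct.unpack("<8I", key)) + list(struct.unpack("<4I", nonce16))
    out = _chacha20_rounds(state)
    return struct.pack("<8I", *(out[0:4] + out[12:16]))


def xchacha20_encrypt(key, nonce, plaintext, blk_ctr=0):
    """XChaCha20 with a 24-byte nonce. blk_ctr is an input, not hard-wired to 0,
    matching the corrected pseudocode in the message above."""
    if len(key) != 32 or len(nonce) != 24:
        raise ValueError("XChaCha20 needs a 32-byte key and a 24-byte nonce")
    subkey = hchacha20(key, nonce[:16])                 # draft: nonce[0:15]
    chacha20_nonce = b"\x00\x00\x00\x00" + nonce[16:24]  # draft: nonce[16:23]
    return chacha20_encrypt(subkey, chacha20_nonce, plaintext, blk_ctr)


def rfc8439_known_answers_ok():
    """ChaCha20 core against the RFC 8439 section 2.3.2 and 2.4.2 test vectors."""
    key = bytes(range(32))
    block = chacha20_block(key, 1, bytes.fromhex("000000090000004a00000000"))
    want_block = bytes.fromhex(
        "10f1e7e4d13b5915500fdd1fa32071c4c7d1f4c733c068030422aa9ac3d46c4e"
        "d2826446079faa0914c2d705d98b02a2b5129cd1de164eb9cbd083e8a2503c4e")
    pt = (b"Ladies and Gentlemen of the class of '99: If I could offer you "
          b"only one tip for the future, sunscreen would be it.")
    ct = chacha20_encrypt(key, bytes.fromhex("000000000000004a00000000"), pt, 1)
    want_ct = bytes.fromhex(
        "6e2e359a2568f98041ba0728dd0d6981e97e7aec1d4360c20a27afccfd9fae0b"
        "f91b65c5524733ab8f593dabcd62b3571639d624e65152ab8f530c359f0861d8"
        "07ca0dbf500d6a6156a38e088a22b65e52bc514d16ccf806818ce91ab7793736"
        "5af90bbf74a35be6b40b8eedf2785e42874d")
    return block == want_block and ct == want_ct


def counter_offset_holds(key, nonce, plaintext):
    """Why blk_ctr matters: starting at counter 1 must equal starting at 0 with
    the first 64-byte block skipped, which is how callers resume or seek."""
    shifted = xchacha20_encrypt(key, nonce, b"\x00" * 64 + plaintext, 0)[64:]
    return xchacha20_encrypt(key, nonce, plaintext, 1) == shifted


if __name__ == "__main__":
    k, n = bytes(range(0x80, 0xa0)), bytes(range(0x40, 0x58))  # constructed inputs
    msg = b"The dhole (pronounced \"dole\") is also known as the Asiatic wild dog."
    print("RFC 8439 vectors:", rfc8439_known_answers_ok())
    print("counter offset identity:", counter_offset_holds(k, n, msg))
```

The counter-offset identity is the observable consequence of the correction: with blk_ctr fixed to 0 inside xchacha20_encrypt, a caller has no way to produce the keystream for block 1 onward without re-encrypting the skipped prefix, so seeking, resuming and the draft's own test vector with a non-zero initial counter cannot be expressed.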