This repository has been archived by the owner on Feb 5, 2021. It is now read-only.
Using AES-PMAC-SIV with Python 3.6 as follows produces an error:
```python
from miscreant.aead import AEAD
from secrets import token_bytes

aead = AEAD('AES-PMAC-SIV', key=b'0'*64)

# this works:
aead.seal(token_bytes(1024*4), nonce=b'0'*16)

# this fails:
aead.seal(token_bytes(1024*5), nonce=b'0'*16)
```
```
Traceback (most recent call last):
  File "error.py", line 5, in <module>
    aead.seal(token_bytes(1024*5), nonce=b'0'*16)
  File "/Users/denis/.virtualenvs/spare/lib/python3.6/site-packages/miscreant/aead.py", line 60, in seal
    return self.siv.seal(plaintext, [associated_data, nonce])
  File "/Users/denis/.virtualenvs/spare/lib/python3.6/site-packages/miscreant/aes/siv.py", line 47, in seal
    v = self.__s2v(associated_data, plaintext)
  File "/Users/denis/.virtualenvs/spare/lib/python3.6/site-packages/miscreant/aes/siv.py", line 114, in __s2v
    mac.update(plaintext[:difference])
  File "/Users/denis/.virtualenvs/spare/lib/python3.6/site-packages/miscreant/mac/pmac.py", line 118, in update
    self.__process_buffer()
  File "/Users/denis/.virtualenvs/spare/lib/python3.6/site-packages/miscreant/mac/pmac.py", line 145, in __process_buffer
    self.offset.xor_in_place(self.l[ctz.trailing_zeroes(self.counter + 1)])
  File "/Users/denis/.virtualenvs/spare/lib/python3.6/site-packages/miscreant/ctz.py", line 25, in trailing_zeroes
    return CTZ_TABLE[value]
IndexError: list index out of range
```
With AES-SIV this error does not occur.
Oh my, yes, the table-based CTZ implementation used for PMAC is completely bogus for this purpose, at least unless it were to be iterated modulo the table size when it overflows like this.
That said, I have been meaning to go through all of the implementations of CTZ in languages that don't provide an intrinsic for it (which is Python, Ruby, and JavaScript, as Go and Rust provide one) and replace them with a method based on De Bruijn sequences, which IMO is the "proper" solution.
If you don't mind, I'll hijack this ticket as a tracking issue for that...
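The following is an added example, not code from the miscreant project or from either participant in this thread. It puts a value-indexed CTZ table next to the De Bruijn-sequence CTZ the maintainer proposes, then drives both through the `ctz(counter + 1)` lookup PMAC performs per block so the overflow point becomes visible. The 256-entry table size, the 16-byte block size and the `pmac_l_indices` / `first_failing_message_len` helper names are assumptions made for illustration; the De Bruijn constant `0x077CB531` is the standard 32-bit one.

```python
# Added example (not miscreant's code). Contrasts a value-indexed CTZ table
# with a De Bruijn based CTZ, and shows where PMAC's ctz(counter + 1) lookup
# runs off the end of a fixed table. TABLE_SIZE = 256 is a constructed
# assumption for illustration, not taken from miscreant's source.

def ctz_reference(value):
    """Plain count-trailing-zeros on a Python int (value must be non-zero)."""
    if value <= 0:
        raise ValueError("ctz is undefined for 0")
    return (value & -value).bit_length() - 1

# --- 1. Table indexed directly by the value (the failing design) -----------
TABLE_SIZE = 256  # assumption: any value >= TABLE_SIZE has no table entry
CTZ_TABLE = [0] + [ctz_reference(v) for v in range(1, TABLE_SIZE)]

def ctz_table(value):
    # Same failure mode as the traceback: IndexError once value >= TABLE_SIZE.
    return CTZ_TABLE[value]

# --- 2. De Bruijn CTZ for 32-bit values --------------------------------------
# (value & -value) isolates the lowest set bit, 2**i. Multiplying by the
# De Bruijn constant modulo 2**32 leaves a 5-bit pattern unique to i in the
# top five bits of the product, which indexes a fixed 32-entry table, so the
# table size is independent of the input magnitude.
DEBRUIJN32 = 0x077CB531
MASK32 = 0xFFFFFFFF

def _build_debruijn_table():
    table = [None] * 32
    for i in range(32):
        table[((DEBRUIJN32 << i) & MASK32) >> 27] = i
    assert None not in table, "constant is not a valid De Bruijn sequence"
    return table

DEBRUIJN_TABLE = _build_debruijn_table()

def ctz_debruijn32(value):
    if not 0 < value <= MASK32:
        raise ValueError("value must be a non-zero 32-bit integer")
    lowest = value & -value
    return DEBRUIJN_TABLE[((lowest * DEBRUIJN32) & MASK32) >> 27]

# --- 3. The PMAC use: choose which L[i] to XOR into the offset per block -----
BLOCK_SIZE = 16

def pmac_l_indices(message_len, ctz=ctz_debruijn32):
    """Indices into PMAC's L table for each full block processed in update(),
    mimicking offset ^= L[ctz(counter + 1)]. The final block is held back for
    finalisation, so only blocks 0 .. n-2 pass through here (assumption)."""
    full_blocks = message_len // BLOCK_SIZE
    return [ctz(counter + 1) for counter in range(full_blocks - 1)]

def first_failing_message_len(ctz, max_blocks=1 << 16):
    """Smallest message length whose block counter makes `ctz` raise
    IndexError, or None if every counter up to `max_blocks` is handled."""
    for counter in range(max_blocks):
        try:
            ctz(counter + 1)
        except IndexError:
            # counter indexes blocks 0..n-2, so the message has counter + 2 blocks
            return (counter + 2) * BLOCK_SIZE
    return None

if __name__ == "__main__":
    print("4 KiB via table, blocks processed:", len(pmac_l_indices(4 * 1024, ctz_table)))
    print("table CTZ first fails at", first_failing_message_len(ctz_table), "bytes")
    print("De Bruijn CTZ first fails at", first_failing_message_len(ctz_debruijn32))
```

With the assumed 256-entry table, a 4 KiB message (256 blocks, counters 0 to 254) stays within range while the next block already indexes entry 256; the De Bruijn version handles every 32-bit counter with the same 32-entry table.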
tarcieri changed the title from "[Python] IndexError with AES-PMAC-SIV" to "Table-based CTZ implementation (used to implement PMAC in JS, Python, and Ruby) does not support large messages" on Jun 21, 2018