errata logo graphic

Found 1 record.

Status: Reported (1)

RFC5116, "An Interface and Algorithms for Authenticated Encryption", January 2008

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 4008

Status: Reported
Type: Technical

Reported By: Tapio Sokura
Date Reported: 2014-06-08

Section 2.2 says:

   The
   authenticated decrypt operation will, with high probability, return
   FAIL whenever the inputs N, P, and A were crafted by a nonce-
   respecting adversary that does not know the secret key (assuming that
   the AEAD algorithm is secure).

It should say:

   The
   authenticated decrypt operation will, with high probability, return
   FAIL whenever the inputs N, C, and A were crafted by a nonce-
   respecting adversary that does not know the secret key (assuming that
   the AEAD algorithm is secure).

Notes:

Inputs to the authenticated decrypt operation do not include plaintext P, but instead includes ciphertext C.


Report New Errata