RFC Errata


Errata Search
 
Source of RFC  
Summary Table Full Records

Found 3 records.

Status: Verified (3)

RFC 9605, "Secure Frame (SFrame): Lightweight Authenticated Encryption for Real-Time Media", August 2024

Source of RFC: sframe (art)

Errata ID: 8321
Status: Verified
Type: Technical
Publication Format(s) : TEXT, PDF, HTML
Reported By: Rich Logan
Date Reported: 2025-03-03
Verifier Name: Orie Steele
Date Verified: 2025-03-25

Section 4.4.3 says: 

def encrypt(CTR, KID, metadata, plaintext):
sframe_key, sframe_salt = key_store[KID]
# encode_big_endian(x, n) produces an n-byte string encoding the
# integer x in big-endian byte order.
ctr = encode_big_endian(CTR, AEAD.Nn)
nonce = xor(sframe_salt, CTR)
# encode_sframe_header produces a byte string encoding the
# provided KID and CTR values into an SFrame header.
header = encode_sframe_header(CTR, KID)
aad = header + metadata
ciphertext = AEAD.Encrypt(sframe_key, nonce, aad, plaintext)
return header + ciphertext

It should say:

def encrypt(CTR, KID, metadata, plaintext):
sframe_key, sframe_salt = key_store[KID]
# encode_big_endian(x, n) produces an n-byte string encoding the
# integer x in big-endian byte order.
ctr = encode_big_endian(CTR, AEAD.Nn)
nonce = xor(sframe_salt, ctr)
# encode_sframe_header produces a byte string encoding the
# provided KID and CTR values into an SFrame header.
header = encode_sframe_header(CTR, KID)
aad = header + metadata
ciphertext = AEAD.Encrypt(sframe_key, nonce, aad, plaintext)
return header + ciphertext

Notes:

The formation of the nonce states to xor the sframe_salt with CTR, which is the original counter value, not the encoded big endian representation created on the line above, which I believe is the intention.

Errata ID: 8565
Status: Verified
Type: Technical
Publication Format(s) : TEXT, HTML
Reported By: Richard Barnes
Date Reported: 2025-09-04
Verifier Name: Andy Newton
Date Verified: 2025-11-01

Section 4.5.1 says: 

using the authenticated counter mode of AES

It should say:

using the unauthenticated counter mode of AES

Notes:

AES-CTR is not an authenticated encryption mode.

Errata ID: 8703
Status: Verified
Type: Editorial
Publication Format(s) : TEXT, PDF, HTML
Reported By: Aron Rosenberg
Date Reported: 2026-01-15
Verifier Name: RFC Editor

Section C.2. says: 

*  auth_key: The encryption subkey produced by the derive_subkeys()
      algorithm

It should say:

*  auth_key: The authentication subkey produced by the derive_subkeys()
      algorithm

Notes:

Copy/paste error on the description of the auth_key description string. It is the authentication subkey.

Report New Errata



Advanced Search