Closed kaYcee closed 7 years ago
the header should be empty (as in zero length)
hi @mashbridge! Yes, this is undoubtedly so. But for the prefix mentioned in the paper, "0000000000000001", the CMAC is still calculated (="5d4202f32b11d716fb6b56b3f623b955") and taken into account for overall XORing, right?
it's probably easiest to compare your implementation to Nordic's, which is already known to be correct: https://github.com/NordicSemiconductor/nrf5-sdk-for-eddystone/
Thx @mashbridge! Now the situation is clear; in case the header/ad is empty (as is for ETLM) the initial header/ad prefix still needs to participate in the overall OMAC calculation and XORization. Leaving this part out leads to a wrong MIC. Confirmed with Cifra, CryptoJS and Python Crypto library.
benji_00703@hotmail.com
Sent by MailWisehttp://www.mail-wise.com/installation/4 – Your emails, with style.:)
-------- Mensaje original -------- De: kaYcee notifications@github.com Enviado: Wednesday, November 30, 2016 10:48 AM Para: google/eddystone eddystone@noreply.github.com Asunto: Re: [google/eddystone] ETLM MIC computation ambiguity (#194)
Thx @mashbridgehttps://github.com/mashbridge! Now the situation is clear; in case the header/ad is empty (as is for ETLM) the initial header/ad prefix still needs to participate in the overall OMAC calculation and XORization. Leaving this part out leads to a wrong MIC. Confirmed with Cifra, CryptoJS and Python Crypto library.
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHubhttps://github.com/google/eddystone/issues/194#issuecomment-263926562, or mute the threadhttps://github.com/notifications/unsubscribe-auth/ASnVuKAlatXDiy44p_qUMQJEXSWnAbyvks5rDajkgaJpZM4LAGnS.
I am about to implement ETLM protocol according to the specified algorithm. The EAS-EAX paper defines a header H, which is obviously empty for ETLM. I was told by a beacon manufacturer that the OMAC calculated from H should entirely be ignored and not taken into account for overall MIC calculation. Which is weird, as the paper specifies an initial value of "0000000000000001H" for header OMAC computation, irrespective of the actual header provided. Section 6 Definitions of the paper states that
....the header space Header (...) are nonempty sets of strings
, hence a missing header should be handled like the empty string. Could you please confirm which algorithm has finally been implemented in Google's Proximity Beacon API? This is important because the message tag changes depending on the interpretation. Thanks!