usnistgov / ACVP-Server

A repository tracking releases of NIST's ACVP server. See www.github.com/usnistgov/ACVP for the protocol.

AES-XTS : Tweak Value Increment when dataUnitLenMatchesPayload == false #302

Closed afazio2 closed 5 months ago

afazio2 commented 6 months ago

environment: Demo

testSessionId: 464670

vsId: 2025897

Algorithm registration

[
  {
    "acvVersion":"1.0"
  },
  {
    "isSample":true,
    "operation":"register",
    "certificateRequest":"no",
    "debugRequest":"yes",
    "production":"no",
    "encryptAtRest":"yes",
    "algorithms":[
      {
        "revision":"2.0",
        "algorithm":"ACVP-AES-XTS",
        "prereqVals":[
          {
            "algorithm":"AES",
            "valValue":"same"
          },
          {
            "algorithm":"DRBG",
            "valValue":"same"
          }
        ],
        "direction":[
          "encrypt",
          "decrypt"
        ],
        "keyLen":[
          128,
          256
        ],
        "payloadLen":[
          {
            "min":128,
            "max":65536,
            "increment":128
          }
        ],
        "tweakMode":[
          "hex"
        ],
        "dataUnitLen":[
          {
            "min":1024,
            "max":65536,
            "increment":128
          }
        ],
        "dataUnitLenMatchesPayload":false
      },
      ...
    ]
  }
]

Expected behavior

Process the vectors and obtain the same results as the expected answers.

Actual behavior

Vector results differ from the expected answers when dataUnitLen differs from payloadLen.

We kindly ask you to confirm the ACVP server logic behind the tweak value increment when dataUnitLen can differ from payloadLen. We provide an example below:

| Data Unit | IUT Tweak Value Increment (little endian) | ACVP Server Tweak Value Increment (little endian) |
| --- | --- | --- |
| Data Unit #1 | DF60B25ABDEC7163C531DBFF858C85FF | DF60B25ABDEC7163C531DBFF858C85FF |
| Data Unit #2 | E060B25ABDEC7163C531DBFF858C85FF | E060B25ABDEC7163C531DBFF858C8500 |
| Data Unit #3 | E160B25ABDEC7163C531DBFF858C85FF | E160B25ABDEC7163C531DBFF858C8500 |
| Data Unit #4 | E260B25ABDEC7163C531DBFF858C85FF | E260B25ABDEC7163C531DBFF858C8500 |
| Data Unit #5 | E360B25ABDEC7163C531DBFF858C85FF | E360B25ABDEC7163C531DBFF858C8500 |

It seems there's a similar issue #1475
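The tweak progression the report describes, as an added example (this is not ACVP-Server code and not the reporter's implementation). It assumes the IEEE 1619 / SP 800-38E convention that the XTS tweak is a 128-bit little-endian counter, so data unit n of a payload uses the initial tweak plus n, with the carry propagating upward from byte 0 and wrapping modulo 2^128. The five tweak values from the table above are embedded as constructed input, and the checker returns the data unit numbers whose reported tweak departs from that progression. It goes beyond the reported case by also exercising the carry out of byte 0, which the table's values never reach.

```python
"""Expected tweak progression for AES-XTS across consecutive data units.

Added example, not part of the ACVP-Server project. Models the tweak as the
128-bit little-endian counter of IEEE 1619 / SP 800-38E (an assumption about
the convention, stated in the lead-in): data unit n uses initial_tweak + n.
"""
from typing import List

# Initial tweak from the issue's table (used here as constructed sample input).
INITIAL_TWEAK_HEX = "DF60B25ABDEC7163C531DBFF858C85FF"

# The two columns of the issue's table, transcribed as constructed test data.
IUT_TWEAKS = [
    "DF60B25ABDEC7163C531DBFF858C85FF",
    "E060B25ABDEC7163C531DBFF858C85FF",
    "E160B25ABDEC7163C531DBFF858C85FF",
    "E260B25ABDEC7163C531DBFF858C85FF",
    "E360B25ABDEC7163C531DBFF858C85FF",
]
SERVER_TWEAKS = [
    "DF60B25ABDEC7163C531DBFF858C85FF",
    "E060B25ABDEC7163C531DBFF858C8500",
    "E160B25ABDEC7163C531DBFF858C8500",
    "E260B25ABDEC7163C531DBFF858C8500",
    "E360B25ABDEC7163C531DBFF858C8500",
]


def tweak_for_data_unit(initial_tweak: bytes, unit_index: int) -> bytes:
    """Return the 16-byte tweak for data unit `unit_index` (0-based).

    The tweak is read as a little-endian integer, so byte 0 is the least
    significant byte and a carry moves from byte 0 towards byte 15.  A carry
    out of byte 15 is discarded (addition modulo 2**128).
    """
    if len(initial_tweak) != 16:
        raise ValueError("XTS tweak must be exactly 16 bytes")
    if unit_index < 0:
        raise ValueError("data unit index must be non-negative")
    value = (int.from_bytes(initial_tweak, "little") + unit_index) % (1 << 128)
    return value.to_bytes(16, "little")


def expected_tweak_sequence(initial_tweak_hex: str, num_data_units: int) -> List[str]:
    """Upper-case hex tweaks for data units 1..num_data_units of one payload."""
    initial = bytes.fromhex(initial_tweak_hex)
    return [tweak_for_data_unit(initial, i).hex().upper() for i in range(num_data_units)]


def mismatched_units(reported_hex: List[str], initial_tweak_hex: str) -> List[int]:
    """Return the 1-based data unit numbers whose reported tweak is not
    initial_tweak + (n - 1).  An empty list means the progression is correct."""
    expected = expected_tweak_sequence(initial_tweak_hex, len(reported_hex))
    return [
        n + 1
        for n, (got, want) in enumerate(zip(reported_hex, expected))
        if got.upper() != want
    ]


if __name__ == "__main__":
    for label, column in (("IUT", IUT_TWEAKS), ("ACVP server", SERVER_TWEAKS)):
        bad = mismatched_units(column, INITIAL_TWEAK_HEX)
        print(f"{label}: {'consistent' if not bad else 'mismatch at data units ' + str(bad)}")
    # Carry demonstration: byte 0 at 0xFF rolls over into byte 1.
    print(tweak_for_data_unit(bytes([0xFF]) + bytes(15), 1).hex().upper())
```

Run as a script it reports the IUT column as consistent and the server column as mismatching at data units 2 through 5, which is exactly the divergence the table shows (the incremented byte 0 is right in both columns; only the server's byte 15 changes). The same checker can be pointed at any vector set by replacing the constructed columns with the tweaks actually used for each data unit.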

k-c-w commented 6 months ago

When would a fix for this issue be rolled out?

jbrock24 commented 6 months ago

Currently working on it, a patch would be 2-3 weeks out from going to demo. I'll reply here earlier than that to let you know when it's done and when the expected release is going to be.

jbrock24 commented 6 months ago

Hi everyone, I have found the issue and will be implementing a fix that will go out with the next release. Sorry for the inconvenience, and we really appreciate all the helpful info, thanks again. Once the release is out, we'll comment here that it's ready for testing. It will move to prod a week or two later.

livebe01 commented 5 months ago

The fix for this is on Demo in release v1.1.0.33

livebe01 commented 5 months ago

The fix for this is on Prod in release v1.1.0.33