ascon_cxof128_t::customize uses byte-length instead of bit-length #27

Open
magical opened this issue Jan 18, 2025 · 1 comment

magical commented Jan 18, 2025

Hi! This is one of the only Ascon implementations I could find that actually implements CXOF128 (neither of the reference implementations do), so I'm using it to sanity-check my own implementation. However, our implementations don't currently agree.

I noticed that in ascon_cxof128_t::customize you are using the byte-length of the customization string whereas the draft spec says to use the bit-length. (I made this mistake initially too.)

Per section 5.3 of the SP 800-232 draft, line 641:

where 𝑍₀ is a 64-bit integer that represents the bit-length of the customization string,

Given this input:

Customization string (5 bytes) = "ASCON"
Message (10 bytes) = 0x10 11 12 13 14 15 16 17 18 19

I believe the output should be:

Output (30 bytes) = a0a7c58fdc38094a01289022634df9ef5a20c39a6a3478c096913ebef59c

That's what my implementation produces, and with the length issue fixed it's what I get from yours too!
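
The Z0 encoding discussed above, as an added example that is not part of the original issue or the project's code: a compact Ascon-CXOF128 that can encode Z0 either way and run both on the issue's input. The IV, little-endian word loading and 0x01 padding are assumed from the SP 800-232 draft; `cxof128_hex` and its `bit_length` switch are hypothetical names.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>
#include <string>
using State = std::array<uint64_t, 5>;
static uint64_t rotr(uint64_t x, int n) { return (x >> n) | (x << (64 - n)); }
static void p12(State& s) {  // Ascon-p[12] permutation
  for (uint64_t r = 0; r < 12; r++) {
    s[2] ^= 0xf0 - r * 0x10 + r;  // round constants 0xf0, 0xe1, ..., 0x4b
    s[0] ^= s[4]; s[4] ^= s[3]; s[2] ^= s[1];
    State t;
    for (int i = 0; i < 5; i++) t[i] = ~s[i] & s[(i + 1) % 5];
    for (int i = 0; i < 5; i++) s[i] ^= t[(i + 1) % 5];
    s[1] ^= s[0]; s[0] ^= s[4]; s[3] ^= s[2]; s[2] = ~s[2];
    const int rot[5][2] = {{19, 28}, {61, 39}, {1, 6}, {10, 17}, {7, 41}};
    for (int i = 0; i < 5; i++) s[i] ^= rotr(s[i], rot[i][0]) ^ rotr(s[i], rot[i][1]);
  }
}
// Append 0x01, zero-fill to the 8-byte rate, absorb as little-endian 64-bit words.
static void absorb(State& s, std::string d) {
  d += '\x01'; d.resize((d.size() + 7) / 8 * 8, '\0');
  for (size_t i = 0; i < d.size(); i++) {
    s[0] ^= uint64_t(uint8_t(d[i])) << (8 * (i % 8));
    if (i % 8 == 7) p12(s);
  }
}
// bit_length=false reproduces the byte-length Z0 encoding described in the issue.
std::string cxof128_hex(const std::string& cs, const std::string& msg, size_t n, bool bit_length = true) {
  State s{0x0000080000cc0004ULL, 0, 0, 0, 0};  // Ascon-CXOF128 IV (assumed from the draft)
  p12(s);
  const uint64_t z0 = bit_length ? cs.size() * 8 : cs.size();
  std::string z(8, '\0'), hex;
  for (int j = 0; j < 8; j++) z[j] = char(z0 >> (8 * j));  // Z0 as 64-bit little-endian
  absorb(s, z + cs);  // customization phase: Z0 || Z || pad
  absorb(s, msg);     // message phase: M || pad
  for (size_t i = 0; i < n; i++) {
    if (i && i % 8 == 0) p12(s);  // permute between squeezed 8-byte blocks
    char buf[3];
    std::snprintf(buf, sizeof buf, "%02x", unsigned((s[0] >> (8 * (i % 8))) & 0xff));
    hex += buf;
  }
  return hex;
}

int main() {  // input taken from the issue: "ASCON", message 0x10..0x19, 30 output bytes
  const std::string msg = "\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19";
  std::printf("bit-length  Z0: %s\n", cxof128_hex("ASCON", msg, 30).c_str());
  std::printf("byte-length Z0: %s\n", cxof128_hex("ASCON", msg, 30, false).c_str());
}
```

Because Z0 is absorbed in the first customization block, the two encodings diverge from the first output byte, so a single known-answer vector with a non-empty customization string is enough to catch the mismatch.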

@itzmeanjan
Owner

Hi, thanks for reporting this. It makes sense. Let me have a look.
