python-cryptoplus icon indicating copy to clipboard operation
python-cryptoplus copied to clipboard
verified publisher icon doegox

XTS upper bound assertion is wrong

Open jdanders opened this issue 8 years ago • 1 comments

On line 454 of blockcipher.py, the assertion:

assert len(data) < 128*pow(2,20)

should be

assert len(data) < 16*pow(2,20)

The NIST recommendation reads:

The length of the data unit for any instance of an implementation of XTS-AES shall not exceed 2^20 AES blocks

An AES block is 16 bytes, or 128 bits, and the data in the code at this point is bytes, not bits, so the number 16 should be used, not 128. Or even better, a constant AES_BLK_BYTES should be created with the value of 16, and all the 16's in this section could be replaced with that constant.

jdanders avatar May 05 '17 03:05 jdanders

I would suggest the expression <= 16 * 2**20 because "shall not exceed"

crackwitz avatar Jan 21 '19 01:01 crackwitz