SIV decryption error: "siv: authentication failed"

Question

SIV decryption error: "siv: authentication failed"

ykcab opened this issue 4 years ago · 1 comments

Issue decrypting a message when using the nonce for both AES-PMAC-SIV and AES-SIV. However, no issue if you use SIV without nonce.

Replicate the issue:

func main() {
	key := miscreant.GenerateKey(32)
	pt:= []byte("Hello, world!")
	c, err := miscreant.NewAEAD("AES-SIV", key, 16)
	if err != nil {
		log.Fatal(err)
	}
	nonce := miscreant.GenerateNonce(c)
	ct := make([]byte, len(pt)+c.Overhead())

	enc := c.Seal(ct, nonce, pt, nil)

	// decrypt the data
	cp := make([]byte, len(pt)+c.Overhead())
	nonce, data := enc[:c.NonceSize()], enc[c.NonceSize():]  // with go cipher.AEAD primitive you'd extract the nonce and the cipher text this way.

	data2, err := c.Open(cp, nonce, data, nil)
	if err != nil {
		log.Fatalln(err)
	}
	fmt.Println(string(data2)) //print the plain text.
}

Result after running the above:

siv: authentication failed

Answer 1 · 2020-06-29T00:24:36.000Z

ok, here is a better example to follow:

package main

import (
	"fmt"
	"log"

	"github.com/miscreant/miscreant.go"
)

func main() {
	key := miscreant.GenerateKey(32)

	c, err := miscreant.NewAEAD("AES-CMAC-SIV", key, 16)
	if err != nil {
		log.Fatalln(err)
	}
	plaintext := []byte("Hello, world!")

	nonce := miscreant.GenerateNonce(c)

	ciphertext := c.Seal(nil, nonce, plaintext, nil)

	//decrypt

	decrypted, err := c.Open(nil, nonce, ciphertext, nil)
	if err != nil {
		log.Fatalln(err)
	}
	fmt.Println("decrypted: ", string(decrypted))
}