If memory serves, ECIES standard required ^authenticated* encryption. That means - null hash wasn't allowed.
Besides, there's Moxy Marlinspike principle: "If you don't enforce integrity, sooner or later you'll lose confidentiality as well." Having said that, I don't recall why that particular change was made, and am willing to experiment to see what would happen if it's replaced with MAC::DEFAULT_KEYLENGTH (but we'll need to review the algorithm to recall what is doing there!). Sent from my test iPhone > On Jul 1, 2019, at 18:31, Jeffrey Walton <noloa...@gmail.com> wrote: > > > >> On Monday, July 1, 2019 at 5:53:45 PM UTC-4, Jeffrey Walton wrote: >> On Mon, Jul 1, 2019 at 5:38 PM Andrew Wason <rectalo...@gmail.com> wrote: >> > >> > On Monday, July 1, 2019 at 2:51:39 PM UTC-4, Jeffrey Walton wrote: >> >> >> >> >> >> I think this may have something to do with >> >> https://cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme#Bouncy_Castle_Patch >> >> . That section needs to clearly state when the change occirs but it does >> >> not. I'll look up the info and get it added. >> > >> > Ugh, I assumed Ubuntu libcrypto++6 was based on 6, but it's 5.6.4. So I >> > need to be comparing CRYPTOPP_5_6_4 and CRYPTOPP_6_0_0 >> > https://packages.ubuntu.com/bionic/libcrypto++6 >> > >> > It turns out the problem does occur in CRYPTOPP_6_0_0 regardless of how I >> > compile, and does not occur with CRYPTOPP_5_6_4. >> > >> > I believe I found the issue. >> >... >> > >> > In 6.0.0 and later, should SymmetricEncrypt be indexing into cipherKey by >> > MAC::DIGESTSIZE instead of MAC::DEFAULT_KEYLENGTH? >> >> I don't recall why that particular change happened. I'm probably the >> guy who should remember why... Give me some time to think about it, >> the reason may come to me. >> >> Uri, Marcel - Do you guys remember why that particular change was made? > > Looking at the changes, I would not be surprised if that was a copy/paste > typo that flew under the radar because digest size was non-0. > > We opened a bug report to track changes at > https://github.com/weidai11/cryptopp/issues/856 . > > Jeff > -- > You received this message because you are subscribed to "Crypto++ Users". > More information about Crypto++ and this group is available at > http://www.cryptopp.com and > http://groups.google.com/forum/#!forum/cryptopp-users. > --- > You received this message because you are subscribed to the Google Groups > "Crypto++ Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cryptopp-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/cryptopp-users/80a88957-276c-4eb8-b182-c353f1822e5e%40googlegroups.com. -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/B5FDED0F-CA86-4557-ABA1-199203A3076E%40gmail.com.
