View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0011251 | GNUnet | cadet service | public | 2026-03-13 18:00 | 2026-06-17 11:34 |
| Reporter | schanzen | Assigned To | schanzen | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | resolved | Resolution | fixed | ||
| Target Version | 1.0.0 | Fixed in Version | 0.28.0 | ||
| Summary | 0011251: CADET encryption authentication smell | ||||
| Description | The header encyption HENCRYPT and the message encryption ENCRYPT according the spec should both be AEAD schemes The CADET implementation takes a shortcut: It Encrypts the header and the plaintext separately with the respective keys using TWOFISH(AES(*)) and then appends a MAC using the HK that is calculated over both ciphertexts Probably not breakable per se, but smells bad. | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2026-03-13 18:00 | schanzen | New Issue | |
| 2026-06-17 11:34 | schanzen | Assigned To | => schanzen |
| 2026-06-17 11:34 | schanzen | Status | new => resolved |
| 2026-06-17 11:34 | schanzen | Resolution | open => fixed |
| 2026-06-17 11:34 | schanzen | Fixed in Version | => 0.28.0 |
| 2026-06-17 11:34 | schanzen | Note Added: 0028923 |
