Skip to content
This repository was archived by the owner on May 13, 2024. It is now read-only.
This repository was archived by the owner on May 13, 2024. It is now read-only.

Nonce generation incorrect #92

Description

@weaversa

I understand that this repository is deprecated, but we did find one last issue by using Cryptol and SAW, and I guess it's possible that the same issue exists in the newer Python code, but we don't have plans to analyze that. So, just in case, here is the bug --

The correctness of the ElectionGuard system relies on a random nonce being generated in Z q. Instead, the nonce that's generated is a random 4096-bit number.

Specifically, Crypto_encrypt in crypto.c generates the nonce using RandomSource_uniform_bignum_o when (we guess) it should be using RandomSource_uniform_bignum_o_q.

We've identified this issue, but we have not ruled out that this same kind of error isn't also happening elsewhere, so it might be worthwhile to take a second look at nonce generation over the whole codebase.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions