Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make AES log indistinguisable from the Poseidon one #12749

Open
benesjan opened this issue Mar 14, 2025 · 0 comments
Open

Make AES log indistinguisable from the Poseidon one #12749

benesjan opened this issue Mar 14, 2025 · 0 comments
Labels
A-privacy-leakage Area: Relates to privacy leakage. team-fairies Nico's team

Comments

@benesjan
Copy link
Contributor

benesjan commented Mar 14, 2025
edited
Loading

We have a privacy leak in encryption functionality (look for TODO(#12749) in the codebase to find where) because the each field of the AES log contains only 31 bytes of info while other kind of logs will contain full fields of info. We currently use only the AE128 encryption so this is not a problem currently on master but it will be a problem once the other schemes are used.

Having the code overfitted for AES128 is not acceptable
@benesjan benesjan changed the title Make AES log indistinguisable from Poseidon one Make AES log indistinguisable from the Poseidon one Mar 14, 2025
@benesjan benesjan mentioned this issue Mar 14, 2025
Merged
@benesjan benesjan added team-fairies Nico's team A-privacy-leakage Area: Relates to privacy leakage. A-security Area: Relates to security. Something is insecure. and removed A-security Area: Relates to security. Something is insecure. labels Mar 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-privacy-leakage Area: Relates to privacy leakage. team-fairies Nico's team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@benesjan