Skip to content

fix(F7): CBC encryption for ooba target#56

Merged
lonerapier merged 3 commits into
fix/auditfrom
fix/ooba
Dec 2, 2025
Merged

fix(F7): CBC encryption for ooba target#56
lonerapier merged 3 commits into
fix/auditfrom
fix/ooba

Conversation

@lonerapier

Copy link
Copy Markdown
Collaborator

Replaces ECB mode of operation to CBC mode for OOBA target.

Vulnerability:

  • As laid out in the audit report, same OOBA target is encrypted twice with different key, and stored in public state inside the MFKDF policy.
  • Since, ECB mode is deterministic, anyone with the ciphertext can run brute force search due to the key space being small ($\approx 2^{20}$).
  • For 6-digit alphanumeric codes, $\forall c_1, c_2 \in 36^6$, adversary has to find $t_{\text{setup}} = \text{Decrypt}(\textsf{pad}, \text{HKDF}(c_1))$ and $t_{\text{derive}}=\text{Decrypt}(\textsf{pad},\text{HKDF}(c_2))$

@lonerapier lonerapier marked this pull request as ready for review November 25, 2025 11:55
@Autoparallel Autoparallel changed the title fix: CBC encryption for ooba target fix(F7): CBC encryption for ooba target Nov 25, 2025

@Autoparallel Autoparallel left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good as a first pass to me.

My feedback is just for code safety and leans on the safety/security of the cipher crate itself.

Comment thread mfkdf2/src/crypto.rs Outdated
Comment thread mfkdf2/src/crypto.rs Outdated
@lonerapier lonerapier merged commit 0dc0c9f into fix/audit Dec 2, 2025
@lonerapier lonerapier deleted the fix/ooba branch December 2, 2025 07:22
lonerapier added a commit that referenced this pull request Dec 4, 2025
* add cbc encryption for ooba target

* use crate's inner trait method

* add security warning
VCNinc pushed a commit that referenced this pull request Apr 20, 2026
* fix doctests

* task: pin differential tests to specific commit (#58)

* fix(F7): CBC encryption for ooba target (#56)

* add cbc encryption for ooba target

* use crate's inner trait method

* add security warning

* fix(F6): hint entropy leak (#57)

* add hint to integrity checks

* add integrity check for add hint

* verify policy integrity before hint checks

* fix(F3): derive internal key and external key for domain separation (#59)

clippy fixes

* fix(F4): add docs for integrity
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants