Re: Pls help me with Twofish CBC test vectors

Fred Paris wrote:

Hi
I am trying to test an implementation of Twofish. I found some test
vectors by Bruce Schneier at:
http://www-08.nist.gov/encryption/aes/round1/testvals/twofish-vals.zip

This zip files contains several .txt files. Let's consider
ecb_ival.txt and cbc_e_m.txt.

1) ECB TEST THAT WORKS
From ecb_ival.txt :
KEY=00000000000000000000000000000000
PT=00000000000000000000000000000000
CT=9F589F5CF6122C32B6BFEC2F2AE8C35A

The test runs fine, I get the correct ciphertext. Everything seems ok
here.

* BUT *

2) CBC TEST THAT DOES NOT WORK
From cbc_e_m.txt:
KEY=00000000000000000000000000000000
IV=00000000000000000000000000000000
PT=00000000000000000000000000000000
CT=3CC3B181E1495D0495D652B66921DA0F

I don't get it : as I understand it, this is the first test in a
series of encryptions in CBC mode.

The key and plaintext are all zeros, i.e. the same as in the above ECB
test that works.
Given that
- the key and plaintext are the same as in the above ECB test
- the IV is all zeros
- an XOR with zero does nothing
Then shouldn't the expected ciphertext be also the same as in the
above ECB text ??

What am I missing? The file says this is a "Monte Carlo" test but I
don't see how that could have an impact?

This is a very common mistake. The NIST Monte Carlo test vectors are the
result of applying an algorithm to an input block 10000 times rather
than just once. In pseudo code:

block <- input
for i = 1..5000
begin
algorithm [ block -> temp_block ]
algorithm [ temp_block -> block ]
end
output <- block

Brian Gladman
.

Relevant Pages