Incorrect Block Sizes in BLAKE2b and BLAKE2s Algorithms with HMAC

Incorrect Block Sizes in BLAKE2b and BLAKE2s Algorithms with HMAC

CVE-2019-16143 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes.

Learn more about our Web Application Penetration Testing UK.