python-3.xencryptioncounterctr-modepycryptodome

pycryptodome: OverflowError: The counter has wrapped around in CTR mode


I am having difficulty with AES-CTR encryption using pycryptodome on Python 3. Data can be ~1000 bytes but when it gets long enough it breaks. I do not understand what this error supposedly means or how to get around it.

from os import urandom
from Crypto.Cipher import AES

cipher = AES.new(urandom(16), AES.MODE_CTR, nonce=urandom(15))
cipher.encrypt(urandom(10000))

---------------------------------------------------------------------------
OverflowError                             Traceback (most recent call last)
<ipython-input-116-a48990362615> in <module>()
      3 
      4 cipher = AES.new(urandom(16), AES.MODE_CTR, nonce=urandom(15))
----> 5 cipher.encrypt(urandom(10000))
      6 

/usr/local/lib/python3.5/dist-packages/Crypto/Cipher/_mode_ctr.py in encrypt(self, plaintext)
    188         if result:
    189             if result == 0x60002:
--> 190                 raise OverflowError("The counter has wrapped around in"
    191                                     " CTR mode")
    192             raise ValueError("Error %X while encrypting in CTR mode" % result)

OverflowError: The counter has wrapped around in CTR mode

Solution

  • I figured it out. Nonce is only 1 byte short of block size so counter mode can only produce 256 blocks which would allow to encrypt 4096 bytes. If nonce is few bytes shorter the problem goes away.