From aa674387a668aecdb1d201209f15b2f81dcd3ff8 Mon Sep 17 00:00:00 2001
From: Samuel Lucas <63159663+samuel-lucas6@users.noreply.github.com>
Date: Wed, 11 Dec 2024 21:30:31 +0000
Subject: [PATCH] Update missed overwritten with zeros (#71)

Part of #60.
---
 draft-irtf-cfrg-aegis-aead.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/draft-irtf-cfrg-aegis-aead.md b/draft-irtf-cfrg-aegis-aead.md
index 09671c2..f48bcb5 100644
--- a/draft-irtf-cfrg-aegis-aead.md
+++ b/draft-irtf-cfrg-aegis-aead.md
@@ -792,7 +792,7 @@ The `Decrypt` function decrypts a ciphertext, verifies that the authentication t
 
 Security:
 
-- If tag verification fails, the decrypted message and wrong message authentication tag MUST NOT be given as output. The decrypted message MUST be overwritten with zeros.
+- If tag verification fails, the decrypted message and wrong message authentication tag MUST NOT be given as output. The decrypted message MUST be overwritten with zeros before being returned.
 - The comparison of the input `tag` with the `expected_tag` MUST be done in constant time.
 
 Inputs: