A mis-handling of invalid unicode characters in the Java implementation Tink versions prior to 1.5 allows an attacker change ID part a ciphertext, which result creation second ciphertext that can decrypt same plaintext. This be problem with encrypting deterministic AEAD single key, and rely on unique ciphertext-per-plaintext.