no need to send the encrypted block twice

src/main/java/ch/fhnw/kry/CTR.java

@@ -40,13 +40,12 @@ public class CTR {
      *
      * @param block Encrypted block (only lower 16 bits get looked at).
      * @param idx   Block index.
-     * @param y     Y at index idx.
      * @return Decrypted block (in the lower 16 bits of the int).
      */
-    public int decrypt(int block, int idx, int y) {
+    public int decrypt(int block, int idx) {
         int e = (iv + idx) % (1 << BLOCK_LENGTH); // iv + i mod 2^16
         e = spn.encryptBlock(key, e); // yes, we need the encryption function, as this is CTR
 
-        return y ^ e;
+        return block ^ e;
     }
 }

src/main/java/ch/fhnw/kry/Decrypt.java

@@ -31,8 +31,8 @@ public class Decrypt {
         var ctr = new CTR(iv, key);
 
         for (int i = 0; i < data.length - 1; i++) {
-            int block = data[i];
-            int decryptedBlock = ctr.decrypt(block, i, data[i + 1]);  // y is i + 1 because i = 0 is the iv
+            int block = data[i + 1]; // index is i + 1 because i = 0 is the iv, hence the encrypted block is offset by 1
+            int decryptedBlock = ctr.decrypt(block, i);
 
             decryptedData[i * 2] = (byte) (decryptedBlock >>> 8); // get the upper half of the decrypted block
             decryptedData[i * 2 + 1] = (byte) (decryptedBlock & 0xFF); // and the lower half