diff --git a/puer.c b/puer.c
index 976c1d8..0179959 100644
--- a/puer.c
+++ b/puer.c
@@ -315,7 +315,7 @@ const int mprime = (16-2)/2;
 // 32 bit = 4 byte length field
 const int lprime = 4-1;
 
-void ccm_mac(unsigned char mac[16], uint32_t key[4], uint32_t messageindex, unsigned char message[], uint32_t length) {
+void ccm_mac(unsigned char mac[16], uint32_t key[4], uint64_t messageindex, unsigned char message[], uint32_t length) {
 	// CCM specifies that the length field is big endian while we are
 	// natively little endian. Flip it.
 	unsigned char length_bytes[4];
@@ -326,7 +326,7 @@ void ccm_mac(unsigned char mac[16], uint32_t key[4], uint32_t messageindex, unsi
 	uint32_t be_length = bytes2word(length_bytes);
 
 	// First block is special
-	uint32_t mac_words[4] = {mprime<<3 | lprime, 0, messageindex, be_length};
+	uint32_t mac_words[4] = {mprime<<3 | lprime, messageindex, messageindex >> 32, be_length};
 	xxtea128(key, mac_words);
 
 	// Process all full blocks
@@ -361,7 +361,7 @@ void ccm_mac(unsigned char mac[16], uint32_t key[4], uint32_t messageindex, unsi
 	words2block(mac, mac_words);
 }
 
-void ccm_xor_block(unsigned char block[16], uint32_t key[4], uint32_t messageindex, uint32_t counter) {
+void ccm_xor_block(unsigned char block[16], uint32_t key[4], uint64_t messageindex, uint32_t counter) {
 	// CCM specifies that the counter field is big endian while we are
 	// natively little endian. Flip it.
 	unsigned char counter_bytes[4];
@@ -371,7 +371,7 @@ void ccm_xor_block(unsigned char block[16], uint32_t key[4], uint32_t messageind
 	counter_bytes[3] = counter;
 	uint32_t be_counter = bytes2word(counter_bytes);
 
-	uint32_t words[4] = {lprime, 0, messageindex, be_counter};
+	uint32_t words[4] = {lprime, messageindex, messageindex >> 32, be_counter};
 	xxtea128(key, words);
 	unsigned char keystream[16];
 	words2block(keystream, words);
@@ -381,7 +381,7 @@ void ccm_xor_block(unsigned char block[16], uint32_t key[4], uint32_t messageind
 	}
 }
 
-void ccm_encrypt(unsigned char key[16], uint32_t messageindex, unsigned char message[], uint32_t length, unsigned char mac[16]) {
+void ccm_encrypt(unsigned char key[16], uint64_t messageindex, unsigned char message[], uint32_t length, unsigned char mac[16]) {
 	uint32_t key_words[4];
 	block2words(key_words, key);
 
@@ -407,7 +407,7 @@ void ccm_encrypt(unsigned char key[16], uint32_t messageindex, unsigned char mes
 	}
 }
 
-bool ccm_decrypt(unsigned char key[16], uint32_t messageindex, unsigned char message[], uint32_t length, unsigned char mac[16]) {
+bool ccm_decrypt(unsigned char key[16], uint64_t messageindex, unsigned char message[], uint32_t length, unsigned char mac[16]) {
 	uint32_t key_words[4];
 	block2words(key_words, key);