diff --git a/Crypto/Token.hs b/Crypto/Token.hs
--- a/Crypto/Token.hs
+++ b/Crypto/Token.hs
@@ -3,6 +3,8 @@
 {-# LANGUAGE ScopedTypeVariables #-}
 
 -- | Encrypted tokens/tickets to keep state in the client side.
+--   For security reasons, 'Storable' data types MUST be fixed-size
+--   when stored (i.e. serialized into the memory).
 module Crypto.Token (
   -- * Configuration
     Config(..)
@@ -174,14 +176,18 @@
     hdrbin <- BA.create (sizeOf mskhdr) $ \ptr -> poke ptr mskhdr
     return (hdrbin `BA.append` cipher)
 
-delHeader :: ByteArray ba => TokenManager -> ba -> IO (Int, Int64, ba)
-delHeader TokenManager{..} token = do
-    let (hdrbin, cipher) = BA.splitAt (indexLength + counterLength) token
-    mskhdr <- BA.withByteArray hdrbin peek
-    let hdr = headerMask `xorHeader` mskhdr
-        idx = fromIntegral $ headerIndex hdr
-        counter = fromIntegral $ headerCounter hdr
-    return (idx, counter, cipher)
+delHeader :: ByteArray ba => TokenManager -> ba -> IO (Maybe (Int, Int64, ba))
+delHeader TokenManager{..} token
+  | BA.length token < minlen = return Nothing
+  | otherwise = do
+        let (hdrbin, cipher) = BA.splitAt minlen token
+        mskhdr <- BA.withByteArray hdrbin peek
+        let hdr = headerMask `xorHeader` mskhdr
+            idx = fromIntegral $ headerIndex hdr
+            counter = fromIntegral $ headerCounter hdr
+        return $ Just (idx, counter, cipher)
+  where
+    minlen = indexLength + counterLength
 
 -- | Encrypting a target value to get a token.
 encryptToken :: (Storable a, ByteArray ba)
@@ -197,7 +203,7 @@
 encrypt secret x = do
     counter <- I.atomicModifyIORef' (secretCounter secret) (\i -> (i+1, i))
     plain <- BA.create (sizeOf x) $ \ptr -> poke ptr x
-    nonce <- makeNounce counter $ secretIV secret
+    nonce <- makeNonce counter $ secretIV secret
     let cipher = aes256gcmEncrypt plain (secretKey secret) nonce
     return (counter, cipher)
 
@@ -205,22 +211,28 @@
 decryptToken :: (Storable a, ByteArray ba)
              => TokenManager -> ba -> IO (Maybe a)
 decryptToken mgr token = do
-    (idx, counter, cipher) <- delHeader mgr token
-    secret <- getSecret mgr idx
-    decrypt secret counter cipher
+    mx <- delHeader mgr token
+    case mx of
+      Nothing -> return Nothing
+      Just (idx, counter, cipher) -> do
+          secret <- getSecret mgr idx
+          decrypt secret counter cipher
 
-decrypt :: (Storable a, ByteArray ba)
+decrypt :: forall a ba . (Storable a, ByteArray ba)
         => Secret -> Int64 -> ba -> IO (Maybe a)
 decrypt secret counter cipher = do
-    nonce <- makeNounce counter $ secretIV secret
+    nonce <- makeNonce counter $ secretIV secret
     let mplain = aes256gcmDecrypt cipher (secretKey secret) nonce
+        expect = sizeOf (undefined :: a)
     case mplain of
-      Nothing    -> return Nothing
-      Just plain -> Just <$> BA.withByteArray plain peek
+      Just plain
+        | BA.length plain == expect -> Just <$> BA.withByteArray plain peek
+      _                             -> return Nothing
 
-makeNounce :: forall ba . ByteArray ba => Int64 -> ba -> IO ba
-makeNounce counter iv = do
-    cv <- BA.create 8 $ \ptr -> poke ptr counter
+
+makeNonce :: forall ba . ByteArray ba => Int64 -> ba -> IO ba
+makeNonce counter iv = do
+    cv <- BA.create ivLength $ \ptr -> poke ptr counter
     return $ iv `BA.xor` (cv :: ba)
 
 ----------------------------------------------------------------
diff --git a/crypto-token.cabal b/crypto-token.cabal
--- a/crypto-token.cabal
+++ b/crypto-token.cabal
@@ -1,5 +1,5 @@
 name:                crypto-token
-version:             0.0.0.0
+version:             0.0.1
 synopsis:            crypto tokens
 description:         Encrypted tokens/tickets to keep state in the client side.
 license:             BSD3
