Archived
TD0426: Correction of Inconsistency with RFC7748
Publication Date
2019.06.24
Protection Profiles
PP_MD_V3.1
Other References
FCS_CKM.1
Issue Description
In the Assurance Activities for FCS_CKM.1, the Key generation for Curve25519 tests are inconsistent and RFC 7748. The tests do not account for the fact that the bytes should be written and decoded in little-endian order (least significant byte first). Resolution
09/03/2020 - This TD is archived and was superseded by TD0502. The Curve25519 Assurance Activity is modified as follows: Key Generation for Curve25519 The evaluator shall require the implementation under test (IUT) to generate 10 private/public key pairs. The private key shall be generated as specified in RFC 7748 using an approved random bit generator (RBG) and shall be written in little-endian order (least significant byte first). To determine correctness, the evaluator shall submit the generated key pairs to the public key verification (PKV) function of a known good implementation.
a. confirm the private and public keys are 32-byte values
Justification
The Assurance Activity should be consistent with the RFC and adopt its terminology to minimize confusion. |