[AVTCORE] [Technical Errata Reported] RFC7714 (4938)
RFC Errata System <rfc-editor@rfc-editor.org> Thu, 16 February 2017 20:23 UTC
To: mcgrew@cisco.com, mythicalkevin@yahoo.com, ben@nostrum.com, alissa@cooperw.in, aamelnikov@fastmail.fm, roni.even@huawei.com, magnus.westerlund@ericsson.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/MDLct0Lo1j18vbU4gpF00M7z3Kw>
The following errata report has been submitted for RFC7714,
"AES-GCM Authenticated Encryption in the Secure Real-time Transport Protocol (SRTP)".

--------------------------------------
You may review the report below and at:
http://www.rfc-editor.org/errata_search.php?rfc=7714&eid=4938

--------------------------------------
Type: Technical
Reported by: Paul E. Jones <paulej@packetizer.com>

Section: 11

Original Text
-------------
A Key Derivation Function (KDF) is used to derive all of the required encryption and authentication keys from a secret value shared by the endpoints. The AEAD_AES_128_GCM algorithm MUST use the (128-bit) AES_CM PRF KDF described in [RFC3711]. AEAD_AES_256_GCM MUST use the AES_256_CM_PRF KDF described in [RFC6188].

Corrected Text
--------------
A Key Derivation Function (KDF) is used to derive all of the required encryption and authentication keys from a secret value shared by the endpoints. The AEAD_AES_128_GCM algorithm MUST use the (128-bit) AES_CM PRF KDF described in [RFC3711]. AEAD_AES_256_GCM MUST use the AES_256_CM_PRF KDF described in [RFC6188]. Since the KDF functions in those RFCs assume as input a 112-bit master salt, the 96-bit master salt specified in this document must be multiplied by 2^16 to form the 112-bit salt used as the master salt in those key derivation functions.

Notes
-----
The salt specified in RFC 7714 is 96 bits in length, but intended for use in KDF functions defined in RFC 3711. This led to different interpretations when implementing this RFC. A more complete description was presented on the avtcore mailing list (https://mailarchive.ietf.org/arch/msg/avt/IRfLuNKglD3qhqwSz3v3t0CG6fA) and, after some dialog, there seemed to be agreement to adopt the approach most widely implemented (https://mailarchive.ietf.org/arch/msg/avt/-C1cIWQXpyzS2KfBjGR6B2kK92w). This suggested text is intended to reflect that agreement.

In effect, 16 zero bits are padded to the right of the salt value defined in RFC 7714 (creating a 112 bit salt value) before it is used as described in the KDF functions defined in RFC 3711 that require a 112 bit salt value.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please use "Reply All" to discuss whether it should be verified or rejected. When a decision is reached, the verifying party can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC7714 (draft-ietf-avtcore-srtp-aes-gcm-17)
--------------------------------------
Title               : AES-GCM Authenticated Encryption in the Secure Real-time Transport Protocol (SRTP)
Publication Date    : December 2015
Author(s)           : D. McGrew, K. Igoe
Category            : PROPOSED STANDARD
Source              : Audio/Video Transport Core Maintenance
Area                : Applications and Real-Time
Stream              : IETF
Verifying Party     : IESG