DSC-iTC / cPP

Dedicated Security Components cPP & SD
MIT License

Crypto WG questions #307

Closed: woodbe closed 2 months ago

woodbe commented 3 months ago

FCS_COP.1/KeyWrap

For KW and KWP, the CAM algorithm has been removed, yet for the key sizes and the standards it is still listed for each one. Is there a reason for the mismatch?

[SP: There’s a lot of mismatch in this table. We will have to go back and fix it. If there is a corresponding ISO document, then the option stays; otherwise we will remove the option.]

woodbe commented 3 months ago

FCS_COP.1/KeyWrap

Is CCM & GCM really needed here since FCS_COP.1/AEAD is now explicit? While I can understand putting it here, it seems like any SFRs that may rely on GCM or CCM could just also point to the AEAD SFR in addition to KeyWrap.

[SP: Not sure why it appears in both. We will chat about it; I will advocate for removing one or the other.]

woodbe commented 3 months ago

I think that I will leave the CCM/GCM off from our cPP and adjust requirements to point to the AEAD SFR instead of duplicating the requirements in multiple places.

[SP: Sounds reasonable to me.]

woodbe commented 3 months ago

FCS_RBG.1, the HMAC list of standards seems to have issues with the selection closing brackets. Looking at the HASH, then the brackets should be after the "[SHA]", but for HMAC it is after the "10.1.2".

In the cPP I have placed it in the same place as the HASH.

[SP: For HASH row, List of Standards column, remove bracket after [SHA], add a bracket at the end. For the HMAC row, same column, remove bracket after 10.1.2, add a bracket at the end. In each case, the selection should begin after “[Hash_DRBG],”]

woodbe commented 3 months ago

ISO/IEC 9797-2:2011 has been withdrawn; the current version is ISO/IEC 9797-2:2021.

Should this be updated?

[SP: Yes, it was already updated everywhere but in the references.]

slpotte commented 3 months ago

I will forward the suggested changes to the Crypto Working Group.