Provide the location of the issue
6.4.1.2, FCS_CKM.2 Cryptographic Key Establishment (Refinement)
What is the enhancement request for the cPP? Please describe.
FCS_CKM.2 describes RSA-based key establishment in terms of RFC 8017. Have you considered describing it in terms of NIST Special Publication 800-56B Revision 2? In the past, the issue with claiming 56B was older TLS versions and RSAES-OAEP.
Describe the solution you'd like
Suggested one of the following updates:
• RSA-based key establishment schemes that meet the following: NIST Special Publication 800-56B Revision 2, “Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography”;
Or
• RSA-based key establishment schemes that meet the following: RSAES-OAEP as specified in Section 7.1 or RSAES-PKCS1-v1_5 as specified in Section 7.2 of RFC 8017, “Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.2”;
Provide the location of the issue 6.4.1.2, FCS_CKM.2 Cryptographic Key Establishment (Refinement)
What is the enhancement request for the cPP? Please describe. FCS_CKM.2 describes RSA-based key establishment in terms of RFC 8017. Have you considered describing it in terms of NIST Special Publication 800-56B Revision 2? In the past, the issue with claiming 56B was older TLS versions and RSAES-OAEP.
Describe the solution you'd like Suggested one of the following updates:
• RSA-based key establishment schemes that meet the following: NIST Special Publication 800-56B Revision 2, “Recommendation for Pair-Wise Key-Establishment Using Integer Factorization Cryptography”; Or • RSA-based key establishment schemes that meet the following: RSAES-OAEP as specified in Section 7.1 or RSAES-PKCS1-v1_5 as specified in Section 7.2 of RFC 8017, “Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.2”;