View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
000816410000-006: MappingsSpecpublic2022-07-28 11:192023-01-17 17:00
ReporterBernd Edlinger Assigned ToRandy Armstrong  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Fixed in Version1.05.03 RC1 
Summary0008164: Unclear and/or misleading wording in the ECC Amendment - wrong AES128 encrytion key length
Description

I refer to this document:

https://reference.opcfoundation.org/src/v104/Core/docs/Amendment4/readme.htm

In "Table 11 - Security" at ECC-nistP256_Limits
I read this:

DerivedSignatureKeyLength = 256
EncryptionKeyLength=256
InitializationVectorLength=128

I think the EncryptionKeyLength is obviously wrong,
because "Table 206a - SecurityPolicy - ECC-nistP256" specifies:

SymmetricEncryptionAlgorithm_AES128-CBC
SymmetricSignatureAlgorithm_HMAC-SHA2-256

... and as we know, AES128 has a key length of 128 bits and not 256 bits.

Likewise for ECC-brainpoolP256r1_Limits the value of
"EncryptionKeyLength=256" is wrong and should be
"EncryptionKeyLength=128" instead, because
"Table 206c - SecurityPolicy - ECC-brainpoolP256r1" specifies
the symmetric cipher algorithm as "SymmetricEncryptionAlgorithm_AES128-CBC".

suggested spec-change:

change the EncryptionKeyLength to 128 bits
for ECC-nistP256 and ECC-brainpoolP256r1
in the ECC Amendment or maybe in an Errata,
Note: This also affects the ProfileReporting Tool.

TagsNo tags attached.
Commit Version
Fix Due Date

Relationships

related to 0008631 closedKarl Deiretsbacher 10000-007: Profiles Unclear and/or misleading wording in the ECC Amendment - wrong AES128 encrytion key length 

Activities

Randy Armstrong

2022-08-03 16:09

administrator   ~0017237

CounterLength is not defined and no longer required. Remove.

p256 EncryptionKeyLength should be 128.

Randy Armstrong

2022-12-29 07:09

administrator   ~0018368

Removed CounterLength from 6.8.2.

Jim Luth

2023-01-17 17:00

administrator   ~0018527

Agreed to changes in web meeting,

Issue History

Date Modified Username Field Change
2022-07-28 11:19 Bernd Edlinger New Issue
2022-07-28 11:19 Bernd Edlinger Status new => assigned
2022-07-28 11:19 Bernd Edlinger Assigned To => Randy Armstrong
2022-07-28 12:05 Randy Armstrong Project Specifications => 10000-006: Mappings
2022-07-28 12:30 Randy Armstrong Status assigned => new
2022-08-03 16:09 Randy Armstrong Note Added: 0017237
2022-08-03 16:09 Randy Armstrong Status new => assigned
2022-12-29 07:09 Randy Armstrong Status assigned => resolved
2022-12-29 07:09 Randy Armstrong Resolution open => fixed
2022-12-29 07:09 Randy Armstrong Fixed in Version => 1.05.03 RC1
2022-12-29 07:09 Randy Armstrong Note Added: 0018368
2023-01-17 16:58 Jim Luth Issue cloned: 0008631
2023-01-17 16:58 Jim Luth Relationship added related to 0008631
2023-01-17 17:00 Jim Luth Status resolved => closed
2023-01-17 17:00 Jim Luth Note Added: 0018527