RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (2)

RFC 9142, "Key Exchange (KEX) Method Updates and Recommendations for Secure Shell (SSH)", January 2022

Source of RFC: curdle (sec)

Errata ID: 7799
Status: Verified
Type: Technical
Publication Format(s) : TEXT, PDF, HTML

Reported By: Ben S
Date Reported: 2024-02-07
Verifier Name: Paul Wouters
Date Verified: 2024-02-07

Section 1.2.1 says:

+============+=============================+
| Curve Name | Estimated Security Strength |
+============+=============================+
| nistp256   | 128 bits                    |
+------------+-----------------------------+
| nistp384   | 192 bits                    |
+------------+-----------------------------+
| nistp521   | 512 bits                    |
+------------+-----------------------------+
| curve25519 | 128 bits                    |
+------------+-----------------------------+
| curve448   | 224 bits                    |
+------------+-----------------------------+

It should say:

+============+=============================+
| Curve Name | Estimated Security Strength |
+============+=============================+
| nistp256   | 128 bits                    |
+------------+-----------------------------+
| nistp384   | 192 bits                    |
+------------+-----------------------------+
| nistp521   | 256 bits                    |
+------------+-----------------------------+
| curve25519 | 128 bits                    |
+------------+-----------------------------+
| curve448   | 224 bits                    |
+------------+-----------------------------+

Notes:

P-521 has approximately 256 bits of security (rather than 512), as per Table 1 of Section 6.1.1 of FIPS 186-5, and Section 9 Paragraph 5 of RFC 5656.

Errata ID: 7126
Status: Verified
Type: Editorial
Publication Format(s) : TEXT, PDF, HTML

Reported By: Jacob Nevins
Date Reported: 2022-09-12
Verifier Name: RFC Editor
Date Verified: 2022-09-13

Section 1.2.1 says:

The curve25519 and curve488 security-level numbers are in [RFC7748].

It should say:

The curve25519 and curve448 security-level numbers are in [RFC7748].

Notes:

"curve488" should be "curve448". (From context, this is unlikely to cause significant confusion for readers, since "Curve488" does not represent a well-known primitive and is not mentioned in the reference, whereas Curve448 is well-known and referred to in the reference and elsewhere in this document.)

Report New Errata



Advanced Search