errata logo graphic

Found 6 records.

Status: Verified (5)

RFC5091, "Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems", December 2007

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2736

Status: Verified
Type: Technical

Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25

Section 4.1.1 says:

Last line of the algorithm:

5. Let v = v_1 (mod n)

It should say:

5. Let v = v_2 (mod n)

Notes:

With the actual version of the RFC, the output of the algorithm 4.1.1 with the test cases input is v = 5ab5b7a6d72fa91bd01df98e29afb77f05e7b880, which doesn't correspond with the expected output.

However, with the correction, the output is correct:
v = 79317c1610c1fc018e9c53d89d59c108cd518608


Errata ID: 2738

Status: Verified
Type: Technical

Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25

Section 4.1.1 says:

The input n MUST be less than 2^(hashlen), where hashlen is the number of octets comprising the output of the hash function hashfcn. 

It should say:

The input n MUST be less than 256^(hashlen), where hashlen is the number of octets comprising the output of the hash function hashfcn. 

Notes:

Since hashlen is the output size in bytes of the hash function, the correct limit is 256^hashlen.


Errata ID: 2739

Status: Verified
Type: Technical

Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25

Section 4.2.1 says:

The value of b MUST be less than or equal to the number of bytes in the output of hashfcn

It should say:

The value of b MUST be greater than or equal to the number of bytes in the output of hashfcn

Notes:

If b is less than or equal to hashlen, then the result of the fourth step of the algorithm would always be 1, since the division will result in a number between 0 and 1.


Errata ID: 3228

Status: Verified
Type: Technical

Reported By: Richard Heylen
Date Reported: 2012-05-18
Verifier Name: Sean Turner
Date Verified: 2012-07-18

Section 3.5.2. says:

(x_V /z_V^2, s * x_V / z_V^3) in (F_p)^2,

It should say:

(x_V /z_V^2, s * y_V / z_V^3) in (F_p)^2,

Errata ID: 3229

Status: Verified
Type: Technical

Reported By: Richard Heylen
Date Reported: 2012-05-18
Verifier Name: Sean Turner
Date Verified: 2012-07-18

Section 2.1 says:

a * b = ((a_1 * b_1 - a_0 * b_0)(mod p),

It should say:

a * b = ((a_0 * b_0 - a_1 * b_1)(mod p),

Status: Held for Document Update (1)

RFC5091, "Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems", December 2007

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 2737

Status: Held for Document Update
Type: Editorial

Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Held for Document Update by: Sean Turner

Section 5.1.2 says:

Method:
...
2. ...
(a) If n = 1024, then let n_p = 512, n_q = 160, hashfcn =
          1.3.14.3.2.26 (SHA-1 [SHA]

It should say:

(a) If n = 1024, then let n_p = 512, n_q = 160, hashfcn =
          1.3.14.3.2.26 (SHA-1 [SHA])

Notes:

There is a missing ')'. The same typo occurs in first line of page 40.


Report New Errata