RFC Errata
RFC 5091, "Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems", December 2007
Note: This RFC has been updated by RFC 8996
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
See Also: RFC 5091 w/ inline errata
Errata ID: 2738
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25
Section 4.1.1 says:
The input n MUST be less than 2^(hashlen), where hashlen is the number of octets comprising the output of the hash function hashfcn.
It should say:
The input n MUST be less than 256^(hashlen), where hashlen is the number of octets comprising the output of the hash function hashfcn.
Notes:
Since hashlen is the output size in bytes of the hash function, the correct limit is 256^hashlen.