RFC Errata
RFC 5926, "Cryptographic Algorithms for the TCP Authentication Option (TCP-AO)", June 2010
Source of RFC: tcpm (wit)
Errata ID: 6413
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: Ananth Rajadurai
Date Reported: 2021-01-28
Held for Document Update by: Martin Duke
Date Held: 2021-02-02
Section 3.1.1.2 says:
In section 3.1.1.2 Page 8, figure 1, +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + KDF-AES-128-CMAC + +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + Input : MK (Master_Key, the variable-length shared secret) + + : I (Input, i.e., the input data of the PRF) + + : MKlen (length of MK in octets) + + : len (length of M in octets) + + Output : TK (Traffic_Key, 128-bit Pseudo-Random Variable) + + + +-------------------------------------------------------------------+
It should say:
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + KDF-AES-128-CMAC + +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + Input : MK (Master_Key, the variable-length shared secret) + + : I (Input, i.e., the input data of the PRF) + + : MKlen (length of MK in octets) + + : len (length of I in octets) + + Output : TK (Traffic_Key, 128-bit Pseudo-Random Variable) + + + +-------------------------------------------------------------------+
Notes:
In Input, "len" is described as (length of "M' in octets), but there is no "M" in the input, but it is supposed to mention the length of the Input Data "I", so it should be (length of "I" in octets)