RFC Errata
Found 7 records.
Status: Verified (5)
RFC 5091, "Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems", December 2007
Note: This RFC has been updated by RFC 8996
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 2736
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25
Section 4.1.1 says:
Last line of the algorithm: 5. Let v = v_1 (mod n)
It should say:
5. Let v = v_2 (mod n)
Notes:
With the actual version of the RFC, the output of the algorithm 4.1.1 with the test cases input is v = 5ab5b7a6d72fa91bd01df98e29afb77f05e7b880, which doesn't correspond with the expected output.
However, with the correction, the output is correct:
v = 79317c1610c1fc018e9c53d89d59c108cd518608
Errata ID: 2738
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25
Section 4.1.1 says:
The input n MUST be less than 2^(hashlen), where hashlen is the number of octets comprising the output of the hash function hashfcn.
It should say:
The input n MUST be less than 256^(hashlen), where hashlen is the number of octets comprising the output of the hash function hashfcn.
Notes:
Since hashlen is the output size in bytes of the hash function, the correct limit is 256^hashlen.
Errata ID: 2739
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Verifier Name: Sean Turner
Date Verified: 2011-07-25
Section 4.2.1 says:
The value of b MUST be less than or equal to the number of bytes in the output of hashfcn
It should say:
The value of b MUST be greater than or equal to the number of bytes in the output of hashfcn
Notes:
If b is less than or equal to hashlen, then the result of the fourth step of the algorithm would always be 1, since the division will result in a number between 0 and 1.
Errata ID: 3228
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Richard Heylen
Date Reported: 2012-05-18
Verifier Name: Sean Turner
Date Verified: 2012-07-18
Section 3.5.2. says:
(x_V /z_V^2, s * x_V / z_V^3) in (F_p)^2,
It should say:
(x_V /z_V^2, s * y_V / z_V^3) in (F_p)^2,
Errata ID: 3229
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Richard Heylen
Date Reported: 2012-05-18
Verifier Name: Sean Turner
Date Verified: 2012-07-18
Section 2.1 says:
a * b = ((a_1 * b_1 - a_0 * b_0)(mod p),
It should say:
a * b = ((a_0 * b_0 - a_1 * b_1)(mod p),
Status: Reported (1)
RFC 5091, "Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems", December 2007
Note: This RFC has been updated by RFC 8996
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 4335
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Scott Ruoti
Date Reported: 2015-04-13
Section 201 says:
e': G1' x G1'' -> G2
It should say:
e' : G1' X G1'' -> G2
Notes:
This is the only way to give type correctness.
e: G1' x G1'' -> G2
phi: G1' -> G1''
e'(A, B) = e(A, phi(B))
There for B must be an element of G' so that it can be passed as input to phi(B).
Status: Held for Document Update (1)
RFC 5091, "Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems", December 2007
Note: This RFC has been updated by RFC 8996
Source of RFC: IETF - NON WORKING GROUPArea Assignment: sec
Errata ID: 2737
Status: Held for Document Update
Type: Editorial
Publication Format(s) : TEXT
Reported By: David Núñez (University of Málaga)
Date Reported: 2011-02-27
Held for Document Update by: Sean Turner
Section 5.1.2 says:
Method: ... 2. ... (a) If n = 1024, then let n_p = 512, n_q = 160, hashfcn = 1.3.14.3.2.26 (SHA-1 [SHA]
It should say:
(a) If n = 1024, then let n_p = 512, n_q = 160, hashfcn = 1.3.14.3.2.26 (SHA-1 [SHA])
Notes:
There is a missing ')'. The same typo occurs in first line of page 40.