# RFC Errata

Found 2 records.

## Status: Verified (1)

### RFC 2631, "Diffie-Hellman Key Agreement Method", June 1999

Source of RFC: smime (sec)
Errata ID: 2506

**Status: Verified
Type: Technical
**

Reported By: Yves Legrandgerard

Date Reported: 2010-09-01

Verifier Name: Sean Turner

Date Verified: 2012-01-06

Section 2.2.1.1 says:

6. For i = 0 to m' - 1 U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i) Note that for m=160, this reduces to the algorithm of [FIPS-186] U = SHA1[SEED] XOR SHA1[(SEED+1) mod 2^160 ].

It should say:

6. For i = 0 to m' - 1 U = U + [SHA1(seed + i) Xor SHA1((seed + m' +i ) mod 2^{seedlen})] * 2^{160 * i} Note that for m=160, this reduces to the algorithm of [FIPS-186] U = [SHA1(seed) Xor SHA1((seed +1) mod 2^{seedlen})], where seedlen is the binary length of seed.

Notes:

The line:

U = U + (SHA1[SEED + i] XOR SHA1[(SEED + m' + i)) * 2^(160 * i)

is syntactically incorrect. Closing bracket of last 'SHA1[' is missing.

Moreover, when m=160 (m'=1), the loop cannot reduce to the line:

U = SHA1[SEED] XOR SHA1[(SEED + 1) mod 2^160]

as it can be easily seen.

## Status: Held for Document Update (1)

### RFC 2631, "Diffie-Hellman Key Agreement Method", June 1999

Source of RFC: smime (sec)
Errata ID: 1060

**Status: Held for Document Update
Type: Editorial
**

Reported By: Javier Ader

Date Reported: 2007-09-13

Held for Document Update by: Tim Polk

This reference is cited in Section 1, but does not appear in the References section. It should be added: [DH76] W. Diffie and M. E. Hellman, "New Directions in Cryptography", IEEE Transactions on Information Theory, vol. IT-22, Nov. 1976, pp: 644-654.