RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (1)

RFC 7714, "AES-GCM Authenticated Encryption in the Secure Real-time Transport Protocol (SRTP)", December 2015

Source of RFC: avtcore (wit)

Errata ID: 4938
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Paul E. Jones
Date Reported: 2017-02-16
Verifier Name: Murray Kucherawy
Date Verified: 2023-11-08

Section 11 says:

A Key Derivation Function (KDF) is used to derive all of the required
encryption and authentication keys from a secret value shared by the
endpoints.  The AEAD_AES_128_GCM algorithm MUST use the (128-bit)
AES_CM PRF KDF described in [RFC3711].  AEAD_AES_256_GCM MUST use the
AES_256_CM_PRF KDF described in [RFC6188].

It should say:

A Key Derivation Function (KDF) is used to derive all of the required
encryption and authentication keys from a secret value shared by the
endpoints.  The AEAD_AES_128_GCM algorithm MUST use the (128-bit)
AES_CM PRF KDF described in [RFC3711].  AEAD_AES_256_GCM MUST use the
AES_256_CM_PRF KDF described in [RFC6188].  Since the KDF functions in
those RFCs assume as input a 112-bit master salt, the 96-bit master
salt specified in this document must be multiplied by 2^16 to form the
112-bit salt used as the master salt in those key derivation functions.

Notes:

The salt specified in RFC 7714 is 96 bits in length, but intended for use in KDF functions defined in RFC 3711. This led to different interpretations when implementing this RFC. A more complete description was presented on the avtcore mailing list (https://mailarchive.ietf.org/arch/msg/avt/IRfLuNKglD3qhqwSz3v3t0CG6fA) and, after some dialog, there seemed to be agreement to adopt the approach most widely implemented (https://mailarchive.ietf.org/arch/msg/avt/-C1cIWQXpyzS2KfBjGR6B2kK92w). This suggested text is intended to reflect that agreement. In effect, 16 zero bits are padded to the right of the salt value defined in RFC 7714 (creating a 112 bit salt value) before it is used as described in the KDF functions defined in RFC 3711 that require a 112 bit salt value.

Status: Reported (1)

RFC 7714, "AES-GCM Authenticated Encryption in the Secure Real-time Transport Protocol (SRTP)", December 2015

Source of RFC: avtcore (wit)

Errata ID: 7858
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Doug Gibbons
Date Reported: 2024-03-20

Section 17 says:

   The examples in this section are all based upon the same RTCP packet:

            81c8000e 4d617273 4e545031 4e545031
            52545020 0000042a 0000eb98 4c756e61
            deadbeef deadbeef deadbeef deadbeef
            deadbeef

   with 32-bit SRTCP index 000005d4.

It should say:

   The examples in this section are all based upon the same RTCP packet:

	    81c8000d 4d617273 4e545031 4e545032
            52545020 0000042a 0000e930 4c756e61
            deadbeef deadbeef deadbeef deadbeef
            deadbeef

   with 32-bit SRTCP index 000005d4.

Notes:

The text at the beginning of Section 17 presents a sample RTCP packet which it expects to be used in subsequent examples. However, all the examples indicate they are based on the packet in the corrected text.

Report New Errata



Advanced Search