Subject: Re: [pkcs11-comment] Invitation to comment on four PKCS #11 specifications - ends July 6th
Hi!

On 06/06, Paul Knight wrote:
> OASIS members and other interested parties,
>
> OASIS and the OASIS PKCS 11 TC are pleased to announce that four PKCS #11 specifications are now available for public review and comment:
>
> PKCS #11 Cryptographic Token Interface Base Specification Version 3.0
> PKCS #11 Cryptographic Token Interface Profiles Version 3.0
> PKCS #11 Cryptographic Token Interface Current Mechanisms Specification Version 3.0
> PKCS #11 Cryptographic Token Interface Historical Mechanisms Specification Version 3.0
>
> [..]
>
> The public review starts 7 June 2019 at 00:00 UTC and ends 6 July 2019 at 23:59 UTC.

The mechanisms CKM_AES_GCM and CKM_AES_CCM are vulnerable to two-pad attacks unless IVs are generated internally. The new EncryptMessage interface allows the token to set the IVs and communicate them. But these mechanisms may also be used for Wrap and Unwrap (p. 103, Current Mechanisms Specification). See also the thread from (Jun 27 2018).

Is there any way a token can choose the IV internally when wrapping? If not, are there any plans to add them in the future?

With kind regards,
Robert Künnemann

--
Robert Künnemann, Ph.D. | Postdoctoral researcher
CISPA Helmholtz Center for Information Security
Room 2.12, Stuhlsatzenhaus 5, Saarland Informatics Campus, 66123 Saarbrücken
Phone: +49 681 302 70962
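Added example, not part of the original message and not code from any PKCS #11 implementation: a small Python model of the wrapping concern raised above, comparing a caller-supplied IV with a token-generated one. ModelToken, wrap_caller_iv and wrap_token_iv are hypothetical names, and an HMAC-SHA256 counter keystream is assumed as a stand-in for the AES-CTR layer of GCM/CCM (the authentication tag is left out).

```python
import hashlib
import hmac
import secrets

def keystream(key: bytes, iv: bytes, n: int) -> bytes:
    # Stand-in for the AES-CTR keystream inside GCM/CCM (assumption:
    # HMAC-SHA256 in counter mode, so the model runs on the standard library).
    blocks = (hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class ModelToken:
    """Hypothetical token with one wrapping key; not the PKCS #11 API."""

    def __init__(self) -> None:
        self._wrapping_key = secrets.token_bytes(32)

    def wrap_caller_iv(self, target_key: bytes, iv: bytes) -> bytes:
        # The caller picks the IV, so the token cannot guarantee uniqueness.
        return xor(target_key, keystream(self._wrapping_key, iv, len(target_key)))

    def wrap_token_iv(self, target_key: bytes) -> tuple[bytes, bytes]:
        # The token draws a fresh 96-bit IV and returns it with the ciphertext.
        iv = secrets.token_bytes(12)
        return iv, self.wrap_caller_iv(target_key, iv)

def demo() -> dict:
    token = ModelToken()
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed keys
    repeated_iv = bytes(12)  # constructed: the same IV supplied for both wraps
    c1 = token.wrap_caller_iv(k1, repeated_iv)
    c2 = token.wrap_caller_iv(k2, repeated_iv)
    iv_a, c_a = token.wrap_token_iv(k1)
    iv_b, c_b = token.wrap_token_iv(k2)
    return {
        # Same key and IV: the keystream cancels, leaving k1 XOR k2.
        "reused_iv_leaks_xor": xor(c1, c2) == xor(k1, k2),
        # Fresh IVs: the keystreams differ, so nothing cancels.
        "token_ivs_distinct": iv_a != iv_b,
        "token_iv_leaks_xor": xor(c_a, c_b) == xor(k1, k2),
    }

if __name__ == "__main__":
    print(demo())
```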