pkcs11 message

Subject: AES GCM IV FIPS-140 new IG

hi all -

Could this subject have any more acronyms? :-)

This is the item I have been bringing up in our meetings, about
the IG that was rumoured to be "coming soon".

The new IG has been posted:


Specifically: A.5 Key/IV Pair Uniqueness Requirements from SP 800-38D
  Allow IPSec- and TLS 1.2-style of IV generation for AES-GCM cipher suites.

Which goes into effect immediately, as NIST believes this is more permissive
than previous guidance.

As currently in PKCS#11, we accept the IV as input, how do we enforce this?

For many of your modules, they may be "standalone" with the thing generating
the IV and the PKCS#11 module being in the same "cryptographic module" (from
a FIPS-140 perspective), and this will be easier to solve for those situations
as you control everything.

But, for those of us that are providing cryptographic services to a variety
of consumers - consumers who are all currently generating their own IV, how
should we address this in PKCS#11?

Can this be addressed with 2.40? (I don't think so, but would be happy to
be proved wrong)


Valerie Fenwick, http://bubbva.blogspot.com/ @bubbva
Solaris Cryptographic & Key Management Technologies, Manager
Oracle Corporation: 4180 Network Circle, Santa Clara, CA, 95054.
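The post asks how a PKCS#11 module that receives the IV from its caller can enforce the SP 800-38D key/IV uniqueness requirement. The following is an added illustration, not code from the post or from any PKCS#11 implementation. It builds the 96-bit GCM IV the way TLS 1.2 (RFC 5288) and IPsec (RFC 4106) do, and as SP 800-38D's deterministic construction describes: a 4-byte fixed field (salt) fixed at key creation, followed by an 8-byte invocation counter. Two policies are shown: the module generates the IV itself (`gcm_iv_next`), or it still accepts a caller-supplied IV but only if the fixed field matches and the invocation field is strictly larger than anything already used under that key (`gcm_iv_accept`). All names, the struct layout and the per-key `limit` are this example's own assumptions.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* 96-bit GCM IV laid out TLS 1.2 / IPsec style: 4-byte fixed field (salt)
 * followed by an 8-byte big-endian invocation counter. Names and the
 * per-key limit are assumptions of this example, not a PKCS#11 interface. */
#define GCM_IV_LEN   12
#define GCM_SALT_LEN 4

typedef struct {
    uint8_t  salt[GCM_SALT_LEN]; /* fixed field, chosen once per key */
    uint64_t next;               /* smallest invocation value not yet used */
    uint64_t limit;              /* invocations allowed before the key retires */
} gcm_iv_state;

void gcm_iv_init(gcm_iv_state *st, const uint8_t salt[GCM_SALT_LEN], uint64_t limit) {
    memcpy(st->salt, salt, GCM_SALT_LEN);
    st->next  = 0;
    st->limit = limit;
}

static void put_be64(uint8_t *dst, uint64_t v) {
    for (int i = 7; i >= 0; i--) { dst[i] = (uint8_t)(v & 0xff); v >>= 8; }
}

static uint64_t get_be64(const uint8_t *src) {
    uint64_t v = 0;
    for (int i = 0; i < 8; i++) v = (v << 8) | src[i];
    return v;
}

/* Policy 1: the module generates the IV. Returns 0 and fills `out`,
 * or -1 once the invocation counter for this key is used up. */
int gcm_iv_next(gcm_iv_state *st, uint8_t out[GCM_IV_LEN]) {
    if (st->next >= st->limit) return -1;      /* key must be retired */
    memcpy(out, st->salt, GCM_SALT_LEN);
    put_be64(out + GCM_SALT_LEN, st->next);
    st->next++;
    return 0;
}

/* Policy 2: the caller supplies the IV. Accept it (return 1) only if the
 * fixed field is this key's salt and the invocation value has not been
 * used before; a replayed or out-of-range value is rejected (return 0). */
int gcm_iv_accept(gcm_iv_state *st, const uint8_t iv[GCM_IV_LEN]) {
    if (memcmp(iv, st->salt, GCM_SALT_LEN) != 0) return 0;
    uint64_t inv = get_be64(iv + GCM_SALT_LEN);
    if (inv < st->next || inv >= st->limit) return 0;
    st->next = inv + 1;                        /* everything at or below is now spent */
    return 1;
}

int gcm_iv_equal(const uint8_t a[GCM_IV_LEN], const uint8_t b[GCM_IV_LEN]) {
    return memcmp(a, b, GCM_IV_LEN) == 0;
}

int main(void) {
    /* Constructed sample salt; a real module would draw it from its RBG. */
    const uint8_t salt[GCM_SALT_LEN] = {0x01, 0x02, 0x03, 0x04};
    gcm_iv_state st;
    gcm_iv_init(&st, salt, 3);
    uint8_t iv[GCM_IV_LEN];
    while (gcm_iv_next(&st, iv) == 0) {
        for (int i = 0; i < GCM_IV_LEN; i++) printf("%02x", iv[i]);
        printf("\n");
    }
    printf("counter exhausted: key must be retired\n");
    return 0;
}
```

The point of the limit is that the exhaustion check, not the caller's goodwill, is what prevents a key/IV pair from recurring; in the accept path the module never trusts a value it has already passed.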
