Incorrect cross-reference to padding/truncation step in “Password algorithms”

[AmyLin2013]

Section 1: 7.6.4.3.2, Algorithm 2: Computing a file encryption key in order to encrypt a document (revision 4 and earlier)

• Step (a) explicitly performs padding/truncation of the password string.

Section 2: 7.6.4.4.2, Algorithm 3: Computing the encryption dictionary’s O-entry value (revision 4 and earlier)

• Items (a) and (e) currently reference “step (b) of 7.6.4.3.2” for padding/truncation. Issue Description In 7.6.4.4.2 items (a) and (e), the text instructs implementers to “Pad or truncate … as described in step (b) of 7.6.4.3.2.” However, in 7.6.4.3.2 the padding/truncation occurs in step (a); step (b) only initializes the MD5 hash function. This misreference can mislead implementers when reproducing Algorithm 3.

Proposed Correction (editorial)

Replace references to step (b) with step (a) in 7.6.4.4.2:

7.6.4.4.2 (a): Replace “Pad or truncate … as described in step (b) of 7.6.4.3.2” With “Pad or truncate … as described in step (a) of 7.6.4.3.2.”

7.6.4.4.2 (e): Replace “Pad or truncate … as described in step (b) of 7.6.4.3.2” With “Pad or truncate … as described in step (a) of 7.6.4.3.2.”

[AmyLin2013]

In 7.6.4.4.3 (Algorithm 4), item (b) incorrectly cites “the 32-byte padding string shown in step (b) of 7.6.4.3.2.” The padding string is defined in step (a) of 7.6.4.3.2. It is recommended to replace “(b)” with “(a)”. I suspect 7.6.4.3.2 was revised at some point and related cross-references were not updated; I recommend reviewing adjacent clauses for similar discrepancies.

[petervwyatt]

Passing to Crypto & Provenance TWG

[mkl-public]

C & P TWG agrees to the proposed replacements.