ACVP icon indicating copy to clipboard operation
ACVP copied to clipboard

Published 20 hours ago verified publisher icon usnistgov

SRTP KDF errata should be supported

Open RKinsey opened this issue 4 years ago • 1 comments

At least one major SRTP implementation, libSRTP, uses a KDF that is incorrect according to both SP 800-135 and the original RFC 3711 because it treats SRTP and SRTCP IVs identically (both specs say SRTCP's index should be 16 bits shorter, which moves the label position in the IV).

However, there has been errata issued for RFC 3711 that changes the KDF behavior to match libSRTP's. The amended KDF has been approved by NIST since 2016 (see: https://csrc.nist.gov/CSRC/media/Publications/sp/800-135/rev-1/final/documents/sp800-135r1-informative-note-20160919.pdf), but is still unsupported by both ACVTS and the legacy ASKDFVS.

RKinsey avatar Aug 17 '20 20:08 RKinsey

Thanks for the information. I'll make sure this gets included.

celic avatar Aug 17 '20 21:08 celic

The fix for this is on Demo in release v1.1.0.28.

livebe01 avatar Mar 03 '23 18:03 livebe01

The fix for this is on Prod in release v1.1.0.28.

livebe01 avatar Mar 22 '23 15:03 livebe01