From 3541a38b3a18062211f864b9ad98e9be8c1fbf0b Mon Sep 17 00:00:00 2001 From: Chris Celi Date: Tue, 11 Aug 2020 11:25:05 -0400 Subject: [PATCH] Delete draft-celi-acvp-pbkdf.xml --- src/draft-celi-acvp-pbkdf.xml | 620 ---------------------------------- 1 file changed, 620 deletions(-) delete mode 100644 src/draft-celi-acvp-pbkdf.xml diff --git a/src/draft-celi-acvp-pbkdf.xml b/src/draft-celi-acvp-pbkdf.xml deleted file mode 100644 index 1a0c9371..00000000 --- a/src/draft-celi-acvp-pbkdf.xml +++ /dev/null @@ -1,620 +0,0 @@ - - - -ACVP Password-based Key Derivation Function JSON Specification -ACVP PBKDF -draft-gold-acvp-pbkdf-01 -draft-gold-acvp-pbkdf-01 - - - - -Christopher Celi - -christopher.celi@nist.gov - - - - - -Internet Engineering Task Force -IETF - - - -2019-06-05 - -en - - -published - - -2020 - - -Internet Engineering Task Force -IETF - - - - -independent - - -informational - - -internet-draft -General -trust200902 - -yes - - - - -Acknowledgements -

There are no acknowledgements.

- -Abstract -

This document defines the JSON schema for testing Password-based KDF implementations with the ACVP specification.

- - -Introduction -

The Automated Crypto Validation Protocol (ACVP) defines a mechanism to automatically verify the cryptographic implementation of a software or hardware crypto module. The ACVP specification defines how a crypto module communicates with an ACVP server, including crypto capabilities negotiation, session management, authentication, vector processing and more. The ACVP specification does not define algorithm specific JSON constructs for performing the crypto validation. A series of ACVP sub-specifications define the constructs for testing individual crypto algorithms. Each sub-specification addresses a specific class of crypto algorithms. This sub-specification defines the JSON constructs for testing Password-based KDF implementations using ACVP.

- -Terms and definitions

No terms and definitions are listed in this document.

- - - -Supported KDFs

The following key derivation functions MAY be advertised by the ACVP compliant cryptographic module:

-
    -
  • -

    ACVP-KDF-PBKDF

    -
    • -
 -Test Types and Test Coverage

This section describes the design of the tests used to validate Password-based KDF implementations.

-Test Types

There is only one test type: functional tests. Each has a specific value to be used in the testType field. The testType field definitions are:

-
    -
  • -

    "AFT" - Algorithm Functional Test. These tests can be processed by the client using a normal derive_key operation. AFTs cause the implementation under test to exercise normal operations on a single block, multiple blocks, or partial blocks. In all cases, random data is used. The functional tests are designed to verify that the logical components of the key derivation process are operating correctly.

    -
    • -
 - -Test Coverage -

The tests described in this document have the intention of ensuring an implementation is conformant to XXX.

- -Capabilities Registration

ACVP requires crypto modules to register their capabilities. This allows the crypto module to advertise support for specific algorithms, notifying the ACVP server which algorithms need test vectors generated for the validation process. This section describes the constructs for advertising support of PBKDF algorithms to the ACVP server.

-

The algorithm capabilities MUST be advertised as JSON objects within the 'algorithms' value of the ACVP registration message. The 'algorithms' value is an array, where each array element is an individual JSON object defined in this section. The 'algorithms' value is part of the 'capability_exchange' element of the ACVP JSON registration message. See the ACVP specification for more details on the registration message.

-Prerequisites

Each algorithm implementation MAY rely on other cryptographic primitives. For example, RSA Signature algorithms depend on an underlying hash function. Each of these underlying algorithm primitives must be validated, either separately or as part of the same submission. ACVP provides a mechanism for specifying the required prerequisites:

-

Prerequisites, if applicable, MUST be submitted in the registration as the prereqVals JSON property array inside each element of the algorithms array. Each element in the prereqVals array MUST contain the following properties

- -Prerequisite Properties - - - - - - - - - - - - - - - - - - - -
JSON PropertyDescriptionJSON Type
algorithma prerequisite algorithmstring
valValuealgorithm validation numberstring
-

A "valValue" of "same" SHALL be used to indicate that the prerequisite is being met by a different algorithm in the capability exchange in the same registration.

-

An example description of prerequisites within a single algorithm capability exchange looks like this

-"prereqVals": -[ - { - "algorithm": "Alg1", - "valValue": "Val-1234" - }, - { - "algorithm": "Alg2", - "valValue": "same" - } -] - - -Property Registration -

The Password-based KDF mode capabilities are advertised as JSON objects within the 'capabilities_exchange' property.

- -Registration Example

A registration SHALL use these properties

- -PBKDF Algorithm Capabilities JSON Values - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
JSON PropertyDescriptionJSON TypeValid Values
algorithmName of the algorithm to be validatedstring"PBKDF"
revisionACVP Test versionstring"1.0"
prereqValsPrerequisites of the algorithmobjectSee
capabilitiesArray of capabilitiesarrayEach object in the array contains the below properties
iterationCountNumber of hash interationsdomainMin: 1, Max: 10000000
keyLenThe length of the output key in bitsdomainMin: 112, Max: 4096
passwordLenThe length of the password in bytes (characters)domainMin: 8, Max: 128
saltLenThe length of the salt in bitsdomainMin: 128, Max: 4096
hmacAlgThe supported hash algorithms used for HMACarraySee
-

An example registration within an algorithm capability exchange looks like this

-{ - "revision":"1.0", - "algorithm":"PBKDF", - "prereqVals":[ - { - "algorithm":"SHA", - "valValue":"same" - } - ], - "iterationCount":[ - { - "min":10, - "max":1000, - "increment":1 - } - ], - "keyLen":[ - { - "min":8, - "max":4096, - "increment":8 - } - ], - "passwordLen":[ - { - "min":8, - "max":128, - "increment":1 - } - ], - "saltLen":[ - { - "min":128, - "max":4096, - "increment":8 - } - ], - "hmacAlg":[ - "SHA-1", - "SHA2-224", - "SHA2-256", - "SHA2-384", - "SHA2-512", - "SHA3-224", - "SHA3-256", - "SHA3-384", - "SHA3-512" - ] -} - -Valid Hash Functions

The following hash functions MAY be advertised by an ACVP compliant client under the 'hmacAlg' property

-
    -
  • -

    SHA-1

    -
    • -
  • -

    SHA2-224

    -
    • -
  • -

    SHA2-256

    -
    • -
  • -

    SHA2-384

    -
    • -
  • -

    SHA2-512

    -
    • -
  • -

    SHA2-512/224

    -
    • -
  • -

    SHA2-512/256

    -
    • -
  • -

    SHA3-224

    -
    • -
  • -

    SHA3-256

    -
    • -
  • -

    SHA3-384

    -
    • -
  • -

    SHA3-512

    -
    • -
 -Test Vectors

The ACVP server provides test vectors to the ACVP client, which are then processed and returned to the ACVP server for validation. A typical ACVP validation test session would require multiple test vector sets to be downloaded and processed by the ACVP client. Each test vector set represents an individual algorithm defined during the capability exchange. This section describes the JSON schema for a test vector set used with Password-based KDF algorithms.

-

The test vector set JSON schema is a multi-level hierarchy that contains meta data for the entire vector set as well as individual test vectors to be processed by the ACVP client. The following table describes the JSON elements at the top level of the hierarchy.

- -Top Level Test Vector JSON Elements - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
JSON ValuesDescriptionJSON Type
acvVersionProtocol version identifierstring
vsIdUnique numeric vector set identifierinteger
algorithmAlgorithm defined in the capability exchangestring
modeMode defined in the capability exchangestring
revisionProtocol test revision selectedstring
testGroupsArray of test groups containing test data, see array
-

An example of this would look like this

-{ - "acvVersion": "version", - "vsId": 1, - "algorithm": "Alg1", - "mode": "Mode1", - "revision": "Revision1.0", - "testGroups": [ ... ] -} - -Test Groups

The testGroups element at the top level in the test vector JSON object is an array of test groups. Test vectors are grouped into similar test cases to reduce the amount of data transmitted in the vector set. For instance, all test vectors that use the same key size would be grouped together. The Test Group JSON object contains meta data that applies to all test vectors within the group. The following table describes the Password-based KDF JSON elements of the Test Group JSON object

- -Test Group JSON Object - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
JSON ValuesDescriptionJSON Type
tgIdTest group identifierinteger
hmacAlgThe hash algorithm used in HMACstring
testTypeDescribes the operation the client should perform on the tests datastring
testsArray of individual test casesarray
-

The 'tgId', 'testType' and 'tests' objects MUST appear in every test group element communicated from the server to the client as a part of a prompt. Other properties are dependent on which 'testType' the group is addressing.

 -Test Cases

Each test group contains an array of one or more test cases. Each test case is a JSON object that represents a single test vector to be processed by the ACVP client. The following table describes the JSON elements for each Password-based KDF test vector.

- -Test Case JSON Object - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
JSON ValuesDescriptionJSON Type
tcIdTest case idenfitierinteger
keyLenLength of the output keyinteger
saltSalt valuehex
passwordPassword valuestring
iterationCountNumber of iterationsinteger
-

Here is an abbreviated yet fully constructed example of the prompt

-{ - "vsId": 1, - "algorithm": "kdf-components", - "mode": "PBKDF", - "revision": "1.0", - "testGroups": [ - { - "tgId": 1, - "testType": "AFT", - "hmacAlg": "SHA2-224", - "tests": [ - { - "tcId": 1, - "keyLen": 143, - "salt": "BC902BA1EB3BD8519B68022F0FC15600D5D27A", - "password": "FSLuCqOV", - "iterationCount": 955 - }, - { - "tcId": 2, - "keyLen": 188, - "salt": "8120C1DED77061BC5ED637DD51174F12", - "password": "HCmKuigqgFlqpJv", - "iterationCount": 269 - } - ] - } - ] -} - -Responses

After the ACVP client downloads and processes a vector set, it must send the response vectors back to the ACVP server. The following table describes the JSON object that represents a vector set response.

- -Vector Set Response JSON Object - - - - - - - - - - - - - - - - - - - - - - - - -
JSON PropertyDescriptionJSON Type
acvVersionThe version of the protocolstring
vsIdThe vector set identifierinteger
testGroupsThe test group dataarray
-

An example of this is the following

-{ - "acvVersion": "version", - "vsId": 1, - "testGroups": [ ... ] -} - -

The testGroups section is used to organize the ACVP client response in a similar manner to how it receives vectors. Several algorithms SHALL require the client to send back group level properties in their response. This structure helps accommodate that.

- -Vector Set Group Response JSON Object - - - - - - - - - - - - - - - - - - - -
JSON PropertyDescriptionJSON Type
tgIdThe test group identifierinteger
testsThe test case dataarray
-

An example of this is the following

-{ - "tgId": 1, - "tests": [ ... ] -} - -

The following table describes the JSON object that represents a test case response for a Password-based KDF.

- -Test Case Results JSON Object - - - - - - - - - - - - - - - - - - - -
JSON PropertyDescriptionJSON Type
tcIdThe test case identifierinteger
derivedKeyThe outputted keyhex
-

Here is an abbreviated example of the response

-{ - "vsId": 1, - "algorithm": "kdf-components", - "mode": "pbkdf", - "revision": "1.0", - "testGroups": [ - { - "tgId": 1, - "tests": [ - { - "tcId": 1, - "derivedKey": "986B212420E3B977068244E6BD..." - }, - { - "tcId": 2, - "derivedKey": "B8F3EEC6B5FA270FB05644DE40..." - } - ] - } - ] -} - - -Security Considerations -

There are no additional security considerations outside of those outlined in the ACVP document.

- - -IANA Considerations -

This document does not require any action by IANA.

- - -Normative References 2020-06-23 Key words for use in RFCs to Indicate Requirement Levels https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml https://www.rfc-editor.org/info/rfc2119 RFC 2119 RFC2119 10.17487/RFC2119 1997-03 S. Bradner Internet Engineering Task Force IETF Internet Engineering Task Force IETF en In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. BCP 14 RFC 2119 Fremont, CA 2020-06-23 The "xml2rfc" Version 3 Vocabulary https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.7991.xml https://www.rfc-editor.org/info/rfc7991 RFC 7991 RFC7991 10.17487/RFC7991 2016-12 P. Hoffman Internet Engineering Task Force IETF Internet Engineering Task Force IETF en This document defines the "xml2rfc" version 3 vocabulary: an XML-based language used for writing RFCs and Internet-Drafts. It is heavily derived from the version 2 vocabulary that is also under discussion. This document obsoletes the v2 grammar described in RFC 7749. RFC 7991 Fremont, CA 2020-06-23 Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words https://xml2rfc.tools.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml https://www.rfc-editor.org/info/rfc8174 RFC 8174 RFC8174 10.17487/RFC8174 2017-05 B. Leiba Internet Engineering Task Force IETF Internet Engineering Task Force IETF en RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. BCP 14 RFC 8174 Fremont, CA - - 2020-08-10 - Automatic Cryptographic Validation Protocol - ACVP - - 2019 - - - - - B. - Fussell - - - - Cisco - - - - - - - - A. - Vassilev - - - - National Institute of Standards and Technology - NIST - - - - - - - - H. - Booth - - - - National Institute of Standards and Technology - NIST - - - - - - - - National Institute of Standards and Technology - NIST - - - -