Comments (4)
Working on it. New build tomorrow.
from iot-fdo-conformance-tools.
Addressed
from iot-fdo-conformance-tools.
We traced the requirement that the AAD IV cannot be zero, or any predictable value:
See reference to:
https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
8. Uniqueness Requirement on IVs and Keys
The IVs in GCM must fulfill the following “uniqueness” requirement:
The probability that the authenticated encryption function ever will be invoked with the
same IV and the same key on two (or more) distinct sets of input data shall be no greater
than 2-32.
Compliance with this requirement is crucial to the security of GCM. Across all instances of the
authenticated encryption function with a given key, if even one IV is ever repeated, then the
implementation may be vulnerable to the forgery attacks that are described in Ref [5] and
summarized in Appendix A. In practice, this requirement is almost as important as the secrecy
of the key.
This document is referenced as authoritative by IETF, and is also referenced in the FDO specification.
from iot-fdo-conformance-tools.
Reopening, we don't think this is addressed yet, if you do, please provide more evidence.
from iot-fdo-conformance-tools.
Related Issues (20)
- [BUG] Error generating voucher: 90 is an unsupported SgType for the device HOT 1
- [BUG] Incompatible Hash/Hmac type, Device stestation and Owner attestation HOT 2
- [BUG] Msg66: Cose tag in CoseEncrypt0 is missing HOT 2
- [BUG] Replacement rvinfo in message 65 is empty HOT 1
- [BUG] Error in encryption / decryption for ciphersuites A256GCM and AES-CCM-64-128-256
- [BUG] List of all Devmod modules is not accepted by conformance owner
- [BUG] Msg69: Error parsing service info
- [BUG] Add support for compressed ECDSA points
- [BUG] Error in building code on prem HOT 3
- [BUG] Error uploading voucher to the dashboard HOT 1
- [BUG] Invalid EAT-UEID tag and value sent in message 64 by conformance client HOT 1
- [BUG] Undesired and invalid values sent for EATPayloadBase in message 32 and message 64 HOT 1
- [BUG] Build issues on windows
- Add check when running
- Refactor entry creration for rv testing
- Add readme instructions for virtual testing
- Add section about env vars
- [BUILD ISSUE] Building the tool with "make build" command returns error HOT 1
- [BUG] All devmod modules should be sent by conformance client in message 68 and to be accepted by conformance owner
- [BUG] Signature verification failure of message 65 on conformance client
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from iot-fdo-conformance-tools.