TD0282: Test Activities added for Key Distribution and Key Generation
Publication Date
2018.01.19
Protection Profiles
PP_WLAN_AS_EP_V1.0
Other References
FCS_CKM.1(2), FCS_CKM.2(3)
Issue Description
FCS_CKM.1(2) did not include all tests that align with WPA2 certification, and FCS_CKM.2(3) was missing a selection for KWP and the KW and KWP test activities.
Resolution
Additionally, the evaluator shall test the PRF function using the test vectors from:
- Section 2.4 “The PRF Function – PRF(key, prefix, data, length)” of the IEEE 802.11-02/362r6 document "Proposed Test vectors for IEEE 802.11 TGi" dated September 10, 2002, and
- Annex M.3 “PRF reference implementation and test vectors” of IEEE 802.11-2012.
FCS_CKM.2.1(3) [NIST SP 800-38F, IEEE 802.11-2012 for the packet format and timing considerations] and does not expose the cryptographic keys.
Test 1: The evaluator shall test the authenticated encryption functionality of AES-KW for EACH combination of the following input parameter lengths:
- 128 and 256 bit key encryption keys (KEKs)
- Three plaintext lengths. One of the plaintext lengths shall be two semi-blocks (128 bits). One of the plaintext lengths shall be three semi-blocks (192 bits). The third data unit length shall be the longest supported plaintext length less than or equal to 64 semi-blocks (4096 bits).
using a set of 100 key and plaintext pairs and obtain the ciphertext that results from AES-KW authenticated encryption. To determine correctness, the evaluator shall use the AES-KW authenticated-encryption function of a known good implementation.
Test 2: The evaluator shall test the authenticated-decryption functionality of AES-KW using the same test as for authenticated-encryption, replacing plaintext values with ciphertext values and AES-KW authenticated-encryption with AES-KW authenticated-decryption. Additionally, the evaluator shall modify one byte of the ciphertext, attempt to decrypt the modified ciphertext, and ensure that a failure is returned rather than plaintext.
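One way to script the AES-KW tests above, as an added example that is not part of the Technical Decision: it uses the Python `cryptography` package as the known good implementation, and `run_tests`, `lax_unwrap` and the adapter callables are hypothetical names. It assumes the longest supported plaintext is the full 4096 bits.

```python
import os
from cryptography.hazmat.primitives.keywrap import (
    InvalidUnwrap, aes_key_wrap, aes_key_unwrap,
    aes_key_wrap_with_padding, aes_key_unwrap_with_padding)

KEK_BITS = (128, 256)
# Assumption: the implementation supports the 4096-bit maximum in both modes.
KW_PT_OCTETS = (16, 24, 512)   # 2, 3 and 64 semi-blocks
KWP_PT_OCTETS = (1, 20, 512)   # 1, 20 and 512 octets

def run_tests(toe_wrap, toe_unwrap, ref_wrap=aes_key_wrap,
              pt_octets=KW_PT_OCTETS, pairs=100):
    """Return failure descriptions; an empty list means every case passed.

    toe_wrap and toe_unwrap are hypothetical adapters (kek, data) -> bytes for
    the implementation under test; toe_unwrap must raise InvalidUnwrap when the
    integrity check fails. ref_wrap is the known good implementation.
    """
    failures = []
    for bits in KEK_BITS:
        for n in pt_octets:
            for i in range(pairs):
                kek, pt = os.urandom(bits // 8), os.urandom(n)
                case = f"kek={bits} pt_octets={n} pair={i}"
                expected = ref_wrap(kek, pt)
                # Test 1: ciphertext must equal the known good result.
                if toe_wrap(kek, pt) != expected:
                    failures.append("wrap mismatch: " + case)
                # Test 2: known good ciphertext must unwrap to the plaintext.
                if toe_unwrap(kek, expected) != pt:
                    failures.append("unwrap mismatch: " + case)
                # Test 2, negative case: one modified byte must give a failure.
                bad = bytearray(expected)
                bad[i % len(bad)] ^= 0x01
                try:
                    toe_unwrap(kek, bytes(bad))
                    failures.append("tampered ciphertext accepted: " + case)
                except InvalidUnwrap:
                    pass
    return failures

def lax_unwrap(kek, wrapped):
    """Constructed faulty stand-in: returns data where a failure is required."""
    try:
        return aes_key_unwrap(kek, wrapped)
    except InvalidUnwrap:
        return bytes(len(wrapped) - 8)

if __name__ == "__main__":
    print("reference as stand-in:", len(run_tests(aes_key_wrap, aes_key_unwrap)))
    print("lax stand-in:", len(run_tests(aes_key_wrap, lax_unwrap, pairs=5)))
```

Passing the padded functions with `ref_wrap=aes_key_wrap_with_padding` and `pt_octets=KWP_PT_OCTETS` runs the same checks over the AES-KWP lengths listed next.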
Test 1: The evaluator shall test the authenticated-encryption functionality of AES-KWP for EACH combination of the following input parameter lengths:
- 128 and 256 bit key encryption keys (KEKs)
- Three plaintext lengths. One plaintext length shall be one octet. One plaintext length shall be 20 octets (160 bits). One plaintext length shall be the longest supported plaintext length less than or equal to 512 octets (4096 bits).
using a set of 100 key and plaintext pairs and obtain the ciphertext that results from AES-KWP authenticated encryption. To determine correctness, the evaluator shall use the AES-KWP authenticated-encryption function of a known good implementation.
Test 2: The evaluator shall test the authenticated-decryption functionality of AES-KWP using the same test as for AES-KWP authenticated-encryption, replacing plaintext values with ciphertext values and AES-KWP authenticated-encryption with AES-KWP authenticated-decryption. Additionally, the evaluator shall modify one byte of the ciphertext, attempt to decrypt the modified ciphertext, and ensure that a failure is returned rather than plaintext.
Justification
See issue description.