NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0191:  NIT Technical Decision for Using secp521r1 for TLS communication

Publication Date
2017.04.10

Protection Profiles
CPP_FW_V1.0, CPP_ND_V1.0

Other References
CPP_ND_V1.0, CPP_FW_V1.0, FCS_TLSS_EXT.1.3. FCS_TLSS_EXT.2.3

Issue Description

The Network Interpretations Team (NIT) has issued a technical decision regarding using secp521r1 for TLS communication.

Resolution

To align with NIT interpretation # 201611rev2, FCS_TLSS_EXT.1.3 and FCS_TLSS_EXT.2.3 is modified as follows:

 "The TSF shall generate key establishment parameters using RSA with key size 2048 bits and [selection: 3072 bits, 4096 bits, no other size] and [selection: over NIST curves [selection: secp256r1, secp384r1, secp521r1] and no other curves; Diffie-Hellman parameters of size 2048 bits and [selection: 3072 bits, no other size]; no other]."

For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201611rev2.pdf

Justification

See issue description.

 
 
Site Map              Contact Us              Home