BSI Adherance #247
BSI Adherance #247
Conversation
Sha256withRSA -- Dilithium
| g >= 1^2048; | ||
|
|
||
| bitlength(p) >= 3000;// Choose an element g ∈ F∗ p withord(g) primeandq := ord(g) ≥ 2^250 | ||
| bitlength(g) >= 250; |
There was a problem hiding this comment.
We don't have a predefined predicate bitlength...
| length[src] >= offset + len; | ||
| offset >= 0; | ||
| len > 0; | ||
| length[iv] == 12; |
There was a problem hiding this comment.
iv is not used in any event, i.e. this constraint is just dead. If I understand it correctly, src is the IV where we have a length constraint. Is this constraint sufficient?
| length[src] >= offset + len; | ||
| offset >= 0; | ||
| len > 0; | ||
| length[iv] == 12; | ||
| unique[iv] // initiallization vector should not be repeated over the entire lifetime of a key |
There was a problem hiding this comment.
We don't have a predefined predicate unique... It would maybe be possible to add it to the REQUIRES section, then we need a corresponding part in the ENSURES section for a class that can generate an IV
| @@ -17,6 +17,7 @@ CONSTRAINTS | |||
| length[iv] >= offset + len; | |||
| offset >= 0; | |||
| len > 0; | |||
| unique[iv] | |||
There was a problem hiding this comment.
We don't have a predefined predicate unique... It would maybe be possible to add it to the REQUIRES section, then we need a corresponding part in the ENSURES section for a class that can generate an IV
| symmetricKeyAlgorithm in {"AES", "HmacSHA256", "HmacSHA384", "HmacSHA512", | ||
| "HMACSHA3-256", "HMACSHA3-384", "HMACSHA3-512"}; | ||
| tagLength>=96 |
There was a problem hiding this comment.
keyLength, curveBits and tagLength are not defined or used in any EVENT. Hence, these constraints are not valid
| @@ -12,7 +12,7 @@ ORDER | |||
| Con | |||
|
|
|||
| CONSTRAINTS | |||
| keysize in {4096}; //BSI TR-02102-1 Recommends atleast 3000bits for keys | |||
| keysize >= 3000; //BSI TR-02102-1 Recommends atleast 3000bits for keys | |||
| @@ -39,6 +39,8 @@ CONSTRAINTS | |||
| plainTextOffset >= 0; | |||
| plainTextLen > 0; | |||
| cipherTextOffset >= 0; | |||
|
|
|||
| padding in {ISO, Padding58,ESP}// BSI recoomedation for padding Scheme (ISO-Padding, Padding according to [58], ESP-Padding) | |||
There was a problem hiding this comment.
padding is never defined
| algorithm in {"RSA"} => keysize >=3000; | ||
| algorithm in {"DSA"} => keysize >= 3072; | ||
| algorithm in {"DiffieHellman", "DH"} => keysize >=3000; | ||
| algorithm in {"EC"} => keysize >=250; |
| algorithm in {"EC"} => keysize >=250; | ||
|
|
||
| FORBIDDEN | ||
| algorithm =="DSA" && afterYear>=2029; |
There was a problem hiding this comment.
FORBIDDEN can only hold events
| @@ -12,7 +12,7 @@ ORDER | |||
| Con | |||
|
|
|||
| CONSTRAINTS | |||
| keysize in {3072, 4096}; //BSI TR-02102-1 Recommends atleast 3000bits for keys | |||
| keysize >= 3000; //BSI TR-02102-1 Recommends atleast 3000bits for keys | |||
No description provided.