TBD A. Vassilev, Ed.
Internet-Draft NIST
Intended status: Informational February 21, 2019
Expires: August 25, 2019

ACVP IANA Registry
draft-vassilev-acvp-iana-00

Abstract

This document defines a set of IANA registries for supported cryptographic algorithm test specifications in the Automated Cryptographic Validation Protocol (ACVP) [acvp]. This document also shows how to extend the capabilities of ACVP with testing for new cryptographic algorithms.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on August 25, 2019.

Copyright Notice

Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.


Table of Contents

1. Introduction

The Automated Cryptographic Validation Protocol (ACVP) [acvp] defines a mechanism to automatically validate the cryptographic algorithm implementations of software or hardware cryptographic modules. The ACVP specification defines how a cryptographic module communicates with a validation authority server, including cryptographic capabilities negotiation, session management, authentication, test vector processing and more. The ACVP specification does not define algorithm-specific JSON constructs for performing the cryptographic validation. A series of ACVP-related sub-specifications define the constructs for testing individual cryptographic algorithms, see for example [sub-symmetric]. Each such sub-specification addresses a specific algorithm or a class of cryptographic algorithms. This document defines the IANA registry for the supported algorithm test specifications that work with ACVP. The registry defined here provides the binding between the protocol and the supported algorithm test extensions.

2. IANA namespaces

There are three namespaces envisioned for extensions to the ACVP:

TBD

3. Algorithm registry

Each entry in the algorithm registry must record the following fields:

Algorithm registry
Name Revision Reference
"ACVP-AES-ECB" "1.0" [sub-symmetric]
"ACVP-AES-CBC" "1.0" [sub-symmetric]
"ACVP-AES-OFB" "1.0" [sub-symmetric]
"ACVP-AES-CFB1" "1.0" [sub-symmetric]
"ACVP-AES-CFB8" "1.0" [sub-symmetric]
"ACVP-AES-CFB128" "1.0" [sub-symmetric]
"ACVP-AES-CTR" "1.0" [sub-symmetric]
"ACVP-AES-GCM" "1.0" [sub-symmetric]
"ACVP-AES-CCM" "1.0" [sub-symmetric]
"ACVP-AES-XPN" "1.0" [sub-symmetric]
"ACVP-AES-CMAC" "1.0" [sub-symmetric]
"ACVP-AES-GMAC" "1.0" [sub-symmetric]
"ACVP-AES-KW" "1.0" [sub-symmetric]
"ACVP-AES-KWP" "1.0" [sub-symmetric]
"ACVP-AES-XTS" "1.0" [sub-symmetric]
"ACVP-TDES-ECB" "1.0" [sub-symmetric]
"ACVP-TDES-CBC" "1.0" [sub-symmetric]
"ACVP-TDES-OFB" "1.0" [sub-symmetric]
"ACVP-TDES-CFB1" "1.0" [sub-symmetric]
"ACVP-TDES-CFB8" "1.0" [sub-symmetric]
"ACVP-TDES-CFB64" "1.0" [sub-symmetric]
"ACVP-TDES-CTR" "1.0" [sub-symmetric]
"ACVP-TDES-KW" "1.0" [sub-symmetric]

4. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted in RFC 2119.

5. Acknowledgements

Many thanks to David Waltermire for his helpful comments to get us started on the right path.

6. IANA Considerations

This memo includes several requests to IANA.

6.1. ACVP URN Sub-namespace

IANA should add an entry to the "IETF URN Sub-namespace for Registered Protocol Parameter Identifiers" registry located at https://www.iana.org/assignments/params/ as per [RFC3553].

The entry should be as follows:

6.2. ACVP URN Parameters

A new top-level registry should be created, titled "Automated Cryptographic Validation Protocol (ACVP) URN Parameters".

Registration in the "ACVP URN Parameters" registry is via the Specification Required policy [RFC8126]. Registration requests must be sent to both the ACVP Working Group mailing list (acvp@ietf.org) and IANA. IANA will forward registration requests to the Designated Expert.

Each entry in this subregistry must record the following fields:

This repository SHALL have as initial values the entries in Table 1.

7. Security Considerations

Security considerations are addressed by the ACVP specification.

8. Normative References

[acvp] Fussell, B., Vassilev, A. and H. Booth, "Automatic Cryptographic Validation Protocol", 2018.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.
[RFC3553] Mealling, M., Masinter, L., Hardie, T. and G. Klyne, "An IETF URN Sub-namespace for Registered Protocol Parameters", BCP 73, RFC 3553, DOI 10.17487/RFC3553, June 2003.
[RFC8126] Cotton, M., Leiba, B. and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017.
[RFC8141] Saint-Andre, P. and J. Klensin, "Uniform Resource Names (URNs)", RFC 8141, DOI 10.17487/RFC8141, April 2017.
[sub-symmetric] Celi, C., "ACVP Symmetric Algorithm JSON Specification", 2018.

Author's Address

Apostol Vassilev (editor) NIST 100 Bureau Dr. Gaithersburg, MD 20899 USA EMail: apostol.vassilev@nist.gov