70   Mandatory and optional Key Wrap algorithms

Created: 06 Nov 2024

Status: Approval (Editoral)

Part: Part 5 (2013, Edition 2, TS)

Links:

Page: 39, 91, 98, 101

Clause: 7.2.6.4, 8.2.3.2, 8.3.4.1, 11.4

Paragraph: -

Issue

In IEC 62351-5, 7.2.6.4 the possible Key Wrap Algorithms listed are:
<1> := AES-128 Key Wrap Algorithm, as described in 8.2.3.2.
<2> := AES-256 Key Wrap Algorithm, as described in 8.3.4.1
Subclause 8.2.3.2 indicates AES-128 as a minimum requirement
Subclause 8.3.4.1 indicates AES-256 as an optional requirement

Issue:
Subclause 11.2 (PICS) indicates AES-256 as a minimum requirement.

Proposal

Correct subclause 11.4 adding AES-128 as mandatory and set AES-256 as optional.

Discussion Created Status
1) Change the title of subclause 8.2.3.2 to "AES-128 and AES-256 Key Wrap"
2) Remove subclause 8.3.4.1
3) Correct subclause 11.4 adding AES-128 also as mandatory

Reasoning: in the exiting document AES-128 and AES-256 algorithms have been required to be supported mandatorly in different places or in different subclauses, so this correction aligns the requirements in all places.
22 Nov 24 Approval (Editoral)
Proposal to make both AES-128 and AES-256 mandatory to be supported.
22 Nov 24 Discussion (red)
In accordance with the related subclauses above in the document, replace the text "AES-256 Key Wrap (required)" with "AES-128 Key Wrap (required)"

or

Make AES-256 as the minimum mandatory Key Wrap algorithm as follow (deprecate AES-128):

- In Subclause 7.2.6.4, remove AES-128.
- In Subclause 8.2.3.2 indicates AES-256 as the minimum required Key Wrap Algorithm (for both Update Key Change and Session Key Change).

- Update 8.2.4.2 and 8.2.4.3 accordingly.
- Update 8.3.4 with optional Key Wrap algorithms
20 Nov 24 Discussion (red)
Possible editorial error. 20 Nov 24 Accepted
I agree with the proposal. 07 Nov 24 Triage

 

Privacy | Contact | Disclaimer

Tissue DB v. 24.12.6.1