acvp_sub_kas_ffc.txt

TBD                                                      B. Fussell, Ed.
Internet-Draft                                       Cisco Systems, Inc.
Intended status: Informational                           R. Hammett, Ed.
Expires: March 5, 2019                                          G2, Inc.
                                                          September 2018


                    ACVP KAS FFC JSON Specification
                     draft-ietf-acvp-subkasffc-0.5

Abstract

   This document defines the JSON schema for using KAS FFC algorithms
   with the ACVP specification.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 5, 2019.

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.





Fussell & Hammett         Expires March 5, 2019                 [Page 1]

Internet-Draft                Sym Alg JSON                September 2018


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
   2.  Test Types and Test Coverage  . . . . . . . . . . . . . . . .   3
     2.1.  Test Coverage . . . . . . . . . . . . . . . . . . . . . .   4
       2.1.1.  KAS-ECC Requirements Covered  . . . . . . . . . . . .   4
       2.1.2.  KAS-ECC Requirements Not Covered  . . . . . . . . . .   5
   3.  Capabilities Registration . . . . . . . . . . . . . . . . . .   6
     3.1.  Required Prerequisite Algorithms for KAS FFC Validations    6
     3.2.  KAS FFC Algorithm Capabilities JSON Values  . . . . . . .   8
     3.3.  Supported KAS FFC Functions . . . . . . . . . . . . . . .   9
     3.4.  KAS FFC Schemes . . . . . . . . . . . . . . . . . . . . .  10
       3.4.1.  KAS FFC Scheme Capabilities JSON Values . . . . . . .  10
       3.4.2.  Supported KAS FFC Schemes . . . . . . . . . . . . . .  11
     3.5.  KAS FFC Modes . . . . . . . . . . . . . . . . . . . . . .  12
       3.5.1.  KAS FFC noKdfNoKc . . . . . . . . . . . . . . . . . .  12
       3.5.2.  KAS FFC kdfNoKc . . . . . . . . . . . . . . . . . . .  12
       3.5.3.  KAS FFC kdfKc . . . . . . . . . . . . . . . . . . . .  13
     3.6.  Parameter Sets  . . . . . . . . . . . . . . . . . . . . .  13
       3.6.1.  KAS FFC Parameter Set . . . . . . . . . . . . . . . .  13
       3.6.2.  KAS FFC Parameter Set Details . . . . . . . . . . . .  14
     3.7.  Supported Hash Algorithm Methods  . . . . . . . . . . . .  14
     3.8.  Supported KAS FFC MAC Options . . . . . . . . . . . . . .  15
     3.9.  Supported KAS FFC KDF Options . . . . . . . . . . . . . .  16
       3.9.1.  Other Information Construction  . . . . . . . . . . .  17
     3.10. Supported KAS FFC KC Options  . . . . . . . . . . . . . .  18
     3.11. Example KAS FFC Capabilities JSON Object  . . . . . . . .  18
     3.12. Example KAS FFC Component Capabilities JSON Object  . . .  21
   4.  Generation requirements per party per scheme  . . . . . . . .  22
   5.  Test Vectors  . . . . . . . . . . . . . . . . . . . . . . . .  30
     5.1.  Test Groups JSON Schema . . . . . . . . . . . . . . . . .  31
     5.2.  Test Case JSON Schema . . . . . . . . . . . . . . . . . .  34
     5.3.  Example Test Vectors JSON Object  . . . . . . . . . . . .  37
     5.4.  Example Test Vectors Component JSON Object  . . . . . . .  51
   6.  Test Vector Responses . . . . . . . . . . . . . . . . . . . .  53
     6.1.  Example Test Results JSON Object  . . . . . . . . . . . .  54
     6.2.  Example Test Results Component JSON Object  . . . . . . .  59
   7.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .  60
   8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  60
   9.  Security Considerations . . . . . . . . . . . . . . . . . . .  60
   10. Normative References  . . . . . . . . . . . . . . . . . . . .  60
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  61








Fussell & Hammett         Expires March 5, 2019                 [Page 2]

Internet-Draft                Sym Alg JSON                September 2018


1.  Introduction

   The Automated Crypto Validation Protocol (ACVP) defines a mechanism
   to automatically verify the cryptographic implementation of a
   software or hardware crypto module.  The ACVP specification defines
   how a crypto module communicates with an ACVP server, including
   crypto capabilities negotiation, session management, authentication,
   vector processing and more.  The ACVP specification does not define
   algorithm specific JSON constructs for performing the crypto
   validation.  A series of ACVP sub-specifications define the
   constructs for testing individual crypto algorithms.  Each sub-
   specification addresses a specific class of crypto algorithms.  This
   sub-specification defines the JSON constructs for testing KAS FFC
   algorithms using ACVP.

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted in RFC 2119 [RFC2119].

2.  Test Types and Test Coverage

   The ACVP server performs a set of tests on the KAS protocol in order
   to assess the correctness and robustness of the implementation.  A
   typical ACVP validation session would require multiple tests to be
   performed for every supported permutation of KAS capabilities.  This
   section describes the design of the tests used to validate
   implementations of KAS algorithms.  There are two test types for KAS
   testing:

      "AFT" - Algorithm Function Test.  In the AFT test mode, the IUT
      MUST act as a party in the Key Agreement with the ACVP server.
      The server SHALL generate and provide all necessary information
      for the IUT to perform a successful key agreement; both the server
      and IUT MAY act as party U/V, as well as recipient/provider to key
      confirmation.

      "VAL" - Validation test.  In the VAL test mode, The ACVP server
      generates a complete (from both party U and party V's
      perspectives) key agreement, and REQUIRES the IUT to determine if
      that agreement is valid.  Various types of errors SHALL be
      introduced in varying portions of the key agreement process
      (changed DKM, changed key, changed hash, etc), that the IUT MUST
      be able to detect and report on.






Fussell & Hammett         Expires March 5, 2019                 [Page 3]

Internet-Draft                Sym Alg JSON                September 2018


2.1.  Test Coverage

   The tests described in this document have the intention of ensuring
   an implementation is conformant to [SP800-56a].

2.1.1.  KAS-ECC Requirements Covered

      SP 800-56a - 4.1 Key Establishment Preparations.  The ACVP server
      is responsible for generating domain parameters as per the IUT's
      capability registration.

      SP 800-56a - 4.2 Key-Agreement Process.  Both the ACVP server and
      IUT participate in the Key Agreement process.  The server and IUT
      can both take the roles of party U/V, and as such the "performer"
      of steps depicted in "Figure 2: Key Agreement process" can vary.

      SP 800-56a - 5.1 Cryptographic Hash Functions.  All modes of
      performing KAS SHALL make use of a hash function.  The hash
      function MAY be used for confirmation of a successfully generated
      shared secret Z (noKdfNoKc), or as a primitive within the KDF
      being tested (kdfNoKc and kdfKc).

      SP 800-56a - 5.2 Message Authentication Code (MAC) Algorithm.  A
      MAC is utilized for confirmation of success for kdfNoKc and kdfKc
      modes of KAS.  Note - a MAC prerequisite is REQUIRED only for
      kdfKc, though is utilized for both kdfNoKc and kdfKc.

      SP 800-56a - 5.4 Nonce.  Nonces are made use of in various KAS
      schemes - both the ACVP server and IUT SHALL be expected to
      generate nonces.

      SP 800-56a - 5.6 Domain Parameters.  Domain Parameter Generation
      SHALL be performed solely from the ACVP server, with constraints
      from the IUTs capabilities registration.  The same set of domain
      parameters SHALL generate all keypairs (party U/V, static/
      ephemeral) for a single test case.

      SP 800-56a - 5.6 Key-Pair Generation.  While Key-Pairs are used in
      each KAS scheme, the generation of said key-pairs is out of scope
      for KAS testing.  Random tests from the VAL groups, MAY inject bad
      keypairs that the IUT MUST be able detect.  These random tests are
      only present in groups given appropriate assurance functions see:
      Section 3.3

      SP 800-56a - 4.3 DLC-based Key-Transport Process / 5.7 DLC
      Primitives.  Depending on the scheme used, either Diffie Hellman
      or MQV SHALL be used to negotiate a shared secret of z.  Testing




Fussell & Hammett         Expires March 5, 2019                 [Page 4]

Internet-Draft                Sym Alg JSON                September 2018


      and validation of such key exchanges is covered under their
      respective schemes.

      SP 800-56a - 5.8 Key-Derivation Methods for Key-Agreement Schemes.
      All schemes/modes save noKdfNoKc (component) MUST make use of a
      KDF.  KDF construction SHALL utilize Section 3.9.1 for its
      pattern.

      SP 800-56a - 5.9 Key Confirmation.  Most KAS schemes allow for a
      Key Confirmation process, the ACVP server and IUT MAY be Providers
      or Recipients of said confirmation.  Additionally, key
      confirmation MAY be performed on one or both parties (depending on
      scheme).

      SP 800-56a - 6 Key Agreement Schemes.  All schemes specified in
      referenced document are supported for validation with the ACVP
      server.

2.1.2.  KAS-ECC Requirements Not Covered

      SP 800-56a - 4.1 Key Establishment Preparations.  The ACVP server
      SHALL NOT make a distinction between IUT generated keys via a
      trusted third party and the IUT itself.

      SP 800-56a - 5.3 Random Number Generation.  The IUT MUST perform
      all random number generation with a validated random number
      generator.  A DRBG is REQUIRED as a prerequisite to KAS, but SHALL
      NOT be in the scope testing assurances.

      SP 800-56a - 5.4 Nonce.  Nonce generation is utilized for several
      schemes.  The various methods of generating a nonce described in
      section 5.5 MUST be used, however their generation SHALL NOT be in
      scope of KAS testing assurances

      SP 800-56a - 5.5.2 Assurances of Domain-Parameter Validity.  The
      ACVP server SHALL generate all domain parameters, IUT validation
      of such parameters is SHALL NOT be in scope for KAS testing.

      SP 800-56a - 5.5.3 Domain Parameter Management.  Domain Parameter
      Management SHALL NOT be in scope for KAS testing.

      SP 800-56a - 5.6 Key-Pair Generation.  While Key-Pairs MUST be
      used in each KAS scheme, the generation, assurances, and
      management of said key-pairs SHALL NOT be in scope of KAS testing.

      SP 800-56a - 5.8 Key-Derivation Methods for Key-Agreement Schemes.
      Two-step Key-Derivation (Extraction-then-Expansion) SHALL NOT be
      utilized in KAS testing.



Fussell & Hammett         Expires March 5, 2019                 [Page 5]

Internet-Draft                Sym Alg JSON                September 2018


      SP 800-56a - 5.9 Key Confirmation.  KMAC is referenced in 800-56a
      as being a valid MAC function; it however SHALL NOT (currently) be
      supported in KAS testing.

      SP 800-56a - 5.7 Rationale for Selecting a Specific Scheme.  It is
      expected that the IUT registers all schemes it supports in its
      capabilities registration.  Selecting specific schemes from a KAS
      testing perspective SHALL NOT be in scope.

      SP 800-56a - 8 Key Recovery.  Key Recovery SHALL NOT be in scope
      of KAS testing.

3.  Capabilities Registration

   ACVP REQUIRES crypto modules to register their capabilities.  This
   allows the crypto module to advertise support for specific
   algorithms, notifying the ACVP server which algorithms need test
   vectors generated for the validation process.  This section describes
   the constructs for advertising support of KAS FFC algorithms to the
   ACVP server.

   The algorithm capabilities are advertised as JSON objects within the
   'algorithms' value of the ACVP registration message.  The
   'algorithms' value is an array, where each array element is an
   individual JSON object defined in this section.  The 'algorithms'
   value is part of the 'capability_exchange' element of the ACVP JSON
   registration message.  See the ACVP specification for details on the
   registration message.  Each KDF algorithm capability advertised is a
   self-contained JSON object.

3.1.  Required Prerequisite Algorithms for KAS FFC Validations

   Some algorithm implementations rely on other cryptographic
   primitives.  For example, IKEv2 uses an underlying SHA algorithm.
   Each of these underlying algorithm primitives must be validated,
   either separately or as part of the same submission.  ACVP provides a
   mechanism for specifying the required prerequisites:














Fussell & Hammett         Expires March 5, 2019                 [Page 6]

Internet-Draft                Sym Alg JSON                September 2018


   +--------------+--------------+--------------+-----------+----------+
   | JSON Value   | Description  | JSON type    | Valid     | Optional |
   |              |              |              | Values    |          |
   +--------------+--------------+--------------+-----------+----------+
   | algorithm    | a            | value        | CCM,      | No       |
   |              | prerequisite |              | CMAC,     |          |
   |              | algorithm    |              | DRBG,     |          |
   |              |              |              | DSA,      |          |
   |              |              |              | HMAC, SHA |          |
   |              |              |              |           |          |
   | valValue     | algorithm    | value        | actual    | No       |
   |              | validation   |              | number or |          |
   |              | number       |              | "same"    |          |
   |              |              |              |           |          |
   | prereqAlgVal | prerequistie | object with  | see above | Yes      |
   |              | algorithm    | algorithm    |           |          |
   |              | validation   | and valValue |           |          |
   |              |              | properties   |           |          |
   |              |              |              |           |          |
   +--------------+--------------+--------------+-----------+----------+

           Table 1: Required Prerequisite Algorithms JSON Values

   KAS has conditional prerequisite algorithms, depending on the
   capabilities registered:


























Fussell & Hammett         Expires March 5, 2019                 [Page 7]

Internet-Draft                Sym Alg JSON                September 2018


   +--------------+----------------------------------------------------+
   | Prerequisite | Condition                                          |
   | Algorithm    |                                                    |
   +--------------+----------------------------------------------------+
   | DRBG         | Always REQUIRED                                    |
   |              |                                                    |
   | SHA          | Always REQUIRED                                    |
   |              |                                                    |
   | DSA          | DSA.PQGGen validation REQUIRED when IUT using      |
   |              | assurance function of "dpGen".  DSA.PQGVer         |
   |              | validation REQUIRED when IUT using assurance       |
   |              | function of "dpVal".  DSA.KeyPairGen validation    |
   |              | REQUIRED when IUT using assurances functions of    |
   |              | "keyPairGen", or "keyRegen".                       |
   |              |                                                    |
   | AES-CCM      | AES-CCM validation REQUIRED when IUT is performing |
   |              | KeyConfirmation (KC) and utilizing AES-CCM.        |
   |              |                                                    |
   | CMAC         | CMAC validation REQUIRED when IUT is performing    |
   |              | KeyConfirmation (KC) and utilizing CMAC.           |
   |              |                                                    |
   | HMAC         | HMAC validation REQUIRED when IUT is performing    |
   |              | KeyConfirmation (KC) and utilizing HMAC.           |
   |              |                                                    |
   +--------------+----------------------------------------------------+

               Table 2: Prerequisite requirement conditions

3.2.  KAS FFC Algorithm Capabilities JSON Values

   Each algorithm capability advertised is a self-contained JSON object
   using the following values.



















Fussell & Hammett         Expires March 5, 2019                 [Page 8]

Internet-Draft                Sym Alg JSON                September 2018


   +------------+----------------+--------------+-----------+----------+
   | JSON Value | Description    | JSON type    | Valid     | Optional |
   |            |                |              | Values    |          |
   +------------+----------------+--------------+-----------+----------+
   | algorithm  | The algorithm  | value        | KAS-FFC   | No       |
   |            | under test     |              |           |          |
   |            |                |              |           |          |
   | mode       | The algorithm  | value        | Component | Yes      |
   |            | mode.          |              |           |          |
   |            |                |              |           |          |
   | prereqVals | Prerequisite   | array of     | See       | No       |
   |            | algorithm      | prereqAlgVal | Section   |          |
   |            | validations    | objects      | 3.1       |          |
   |            |                |              |           |          |
   | function   | Type of        | array        | See       | No       |
   |            | function       |              | Section   |          |
   |            | supported      |              | 3.3       |          |
   |            |                |              |           |          |
   | scheme     | Array of       | object       | See       | No       |
   |            | supported key  |              | Section   |          |
   |            | agreement      |              | 3.4.1     |          |
   |            | schemes each   |              |           |          |
   |            | having their   |              |           |          |
   |            | own            |              |           |          |
   |            | capabilities   |              |           |          |
   |            |                |              |           |          |
   +------------+----------------+--------------+-----------+----------+

                 Table 3: KAS FFC Capabilities JSON Values

   Note: Some optional values are REQUIRED depending on the algorithm.
   Failure to provide these values will result in the ACVP server
   returning an error to the ACVP client during registration.

3.3.  Supported KAS FFC Functions

   The following function types MAY be advertised by the ACVP compliant
   crypto module:

   o  dpGen - IUT can perform domain parameter generation (FFC only)

   o  dpVal - IUT can perform domain parameter validation (FFC only)

   o  keyPairGen - IUT can perform keypair generation.

   o  fullVal - IUT can perform full public key validation ( [SP800-56a]
      section 5.6.2.3.1 / 5.6.2.3.3)




Fussell & Hammett         Expires March 5, 2019                 [Page 9]

Internet-Draft                Sym Alg JSON                September 2018


   o  partialVal - IUT can perform partial public key validation (
      [SP800-56a] section 5.6.2.3.2 / 5.6.2.3.4)

   o  keyRegen - IUT can regenerate keys given a specific seed and
      domain parameter (pqg for FFC, curve for ECC)

3.4.  KAS FFC Schemes

3.4.1.  KAS FFC Scheme Capabilities JSON Values

   All other scheme capabilities are advertised is a self-contained JSON
   object using the following values.  Note that at least one of
   "noKdfNoKc", "kdfNoKc", or "kdfKc" MUST be supplied with the
   registration.  See Section 3.4.2 for allowed FFC scheme types.





































Fussell & Hammett         Expires March 5, 2019                [Page 10]

Internet-Draft                Sym Alg JSON                September 2018


   +-----------+-----------------------+--------+-----------+----------+
   | JSON      | Description           | JSON   | Valid     | Optional |
   | Value     |                       | type   | Values    |          |
   +-----------+-----------------------+--------+-----------+----------+
   | kasRole   | Roles supported for   | array  | initiator | No       |
   |           | key agreement         |        | and/or    |          |
   |           |                       |        | responder |          |
   |           |                       |        |           |          |
   | noKdfNoKc | Indicates no KDF, no  | object | Section   | Yes      |
   |           | KC tests are to be    |        | 3.5.1     |          |
   |           | generated. Note this  |        |           |          |
   |           | is a COMPONENT mode   |        |           |          |
   |           | only test. This       |        |           |          |
   |           | property MUST only be |        |           |          |
   |           | used with "KAS-FFC" / |        |           |          |
   |           | "Component"           |        |           |          |
   |           |                       |        |           |          |
   | kdfNoKc   | Indicates KDF, no KC  | object | Section   | Yes      |
   |           | tests are to be       |        | 3.5.2     |          |
   |           | generated. Note this  |        |           |          |
   |           | is a KAS-FFC only     |        |           |          |
   |           | test. This mode MUST  |        |           |          |
   |           | only be used for      |        |           |          |
   |           | registrations with    |        |           |          |
   |           | "KAS-FFC" (no mode)   |        |           |          |
   |           |                       |        |           |          |
   | kdfKc     | Indicates KDF, KC     | object | Section   | Yes      |
   |           | tests are to be       |        | 3.5.3     |          |
   |           | generated. Note this  |        |           |          |
   |           | is a KAS-FFC only     |        |           |          |
   |           | test. This mode MAY   |        |           |          |
   |           | only be used for      |        |           |          |
   |           | registrations with    |        |           |          |
   |           | "KAS-FFC" (no mode)   |        |           |          |
   |           |                       |        |           |          |
   +-----------+-----------------------+--------+-----------+----------+

                 Table 4: KAS FFC Capabilities JSON Values

3.4.2.  Supported KAS FFC Schemes

   The following schemes MAY be advertised by the ACVP compliant crypto
   module:

   o  dhHybrid1

   o  MQV2




Fussell & Hammett         Expires March 5, 2019                [Page 11]

Internet-Draft                Sym Alg JSON                September 2018


   o  dhEphem - KeyConfirmation not supported.

   o  dhHybridOneFlow

   o  MQV1

   o  dhOneFlow - Can only provide unilateral key confirmation party V
      to party U.

   o  dhStatic

3.5.  KAS FFC Modes

3.5.1.  KAS FFC noKdfNoKc

   Contains properties REQUIRED for "noKdfNoKc" registration.

   +--------------+---------------------+--------+----------+----------+
   | JSON Value   | Description         | JSON   | Valid    | Optional |
   |              |                     | type   | Values   |          |
   +--------------+---------------------+--------+----------+----------+
   | parameterSet | The parameterSet    | object | Section  | No       |
   |              | options for         |        | 3.6.1    |          |
   |              | "noKdfNoKc"         |        |          |          |
   |              |                     |        |          |          |
   +--------------+---------------------+--------+----------+----------+

                      Table 5: NoKdfNoKc Capabilities

3.5.2.  KAS FFC kdfNoKc

   Contains properties REQUIRED for "kdfNoKc" registration.

   +--------------+---------------------+--------+----------+----------+
   | JSON Value   | Description         | JSON   | Valid    | Optional |
   |              |                     | type   | Values   |          |
   +--------------+---------------------+--------+----------+----------+
   | kdfOption    | The kdf options for | object | Section  | No       |
   |              | "kdfNoKc"           |        | 3.9      |          |
   |              |                     |        |          |          |
   | parameterSet | The parameterSet    | object | Section  | No       |
   |              | options for         |        | 3.6.1    |          |
   |              | "kdfNoKc"           |        |          |          |
   |              |                     |        |          |          |
   +--------------+---------------------+--------+----------+----------+

                       Table 6: kdfNoKc Capabilities




Fussell & Hammett         Expires March 5, 2019                [Page 12]

Internet-Draft                Sym Alg JSON                September 2018


3.5.3.  KAS FFC kdfKc

   Contains properties REQUIRED for "kdfKc" registration.

   +--------------+---------------------+--------+----------+----------+
   | JSON Value   | Description         | JSON   | Valid    | Optional |
   |              |                     | type   | Values   |          |
   +--------------+---------------------+--------+----------+----------+
   | kdfOption    | The kdf options for | object | Section  | No       |
   |              | "kdfNoKc"           |        | 3.9      |          |
   |              |                     |        |          |          |
   | kcOption     | The kc options for  | object | Section  | No       |
   |              | "kdfNoKc"           |        | 3.10     |          |
   |              |                     |        |          |          |
   | parameterSet | The parameterSet    | object | Section  | No       |
   |              | options for         |        | 3.6.1    |          |
   |              | "kdfNoKc"           |        |          |          |
   |              |                     |        |          |          |
   +--------------+---------------------+--------+----------+----------+

                        Table 7: kdfKc Capabilities

3.6.  Parameter Sets

3.6.1.  KAS FFC Parameter Set

   Each parameter set advertised is a self-contained JSON object using
   the following values.  Note that at least one parameter set ("fb",
   "fc") MUST be provided.

   +----------+------------------+----------+---------------+----------+
   | JSON     | Description      | JSON     | Valid Values  | Optional |
   | Value    |                  | type     |               |          |
   +----------+------------------+----------+---------------+----------+
   | fb       | The fb parameter | object   | See Section   | Yes      |
   |          | set              |          | 3.6.2         |          |
   |          |                  |          |               |          |
   | fc       | The fc parameter | object   | See Section   | Yes      |
   |          | set              |          | 3.6.2         |          |
   |          |                  |          |               |          |
   +----------+------------------+----------+---------------+----------+

          Table 8: KAS FFC Parameter Set Capabilities JSON Values








Fussell & Hammett         Expires March 5, 2019                [Page 13]

Internet-Draft                Sym Alg JSON                September 2018


3.6.2.  KAS FFC Parameter Set Details

   fb/fc changes minimum allowed values on options.

   fb: Len p - 2048, Len q - 224, min hash len - 224, min keySize - 112,
   min macSize - 64

   fc: Len p - 2048, Len q - 256, min hash len - 256, min keySize - 128,
   min macSize - 64

   "noKdfNoKc" REQUIRES "hashAlg"

   "kdfNoKc" REQUIRES "hashAlg" and at least one valid MAC registration

   "kdfKc" REQUIRES "hashAlg" and at least one valid MAC registration

   +-----------+-----------------------+--------+-----------+----------+
   | JSON      | Description           | JSON   | Valid     | Optional |
   | Value     |                       | type   | Values    |          |
   +-----------+-----------------------+--------+-----------+----------+
   | hashAlg   | The hash algorithms   | array  | See       | Yes      |
   |           | to use for DSA (and   |        | Section   |          |
   |           | noKdfNoKc)            |        | 3.7       |          |
   |           |                       |        |           |          |
   | macOption | The macOption(s) to   | object | See       | Yes      |
   |           | use with "kdfNoKc"    |        | Section   |          |
   |           | and/or "kdfKc"        |        | 3.8       |          |
   |           |                       |        |           |          |
   +-----------+-----------------------+--------+-----------+----------+

      Table 9: KAS FFC Parameter Set Details Capabilities JSON Values

3.7.  Supported Hash Algorithm Methods

   The following SHA methods MAY be advertised by the ACVP compliant
   crypto module:

   o  SHA2-224

   o  SHA2-256

   o  SHA2-384

   o  SHA2-512







Fussell & Hammett         Expires March 5, 2019                [Page 14]

Internet-Draft                Sym Alg JSON                September 2018


3.8.  Supported KAS FFC MAC Options

   The following MAC options MAY be advertised for registration under a
   "kdfNoKc" and "kdfKc" kasMode:

   o  AES-CCM

   o  CMAC

   o  HMAC-SHA2-224

   o  HMAC-SHA2-256

   o  HMAC-SHA2-384

   o  HMAC-SHA2-512



































Fussell & Hammett         Expires March 5, 2019                [Page 15]

Internet-Draft                Sym Alg JSON                September 2018


   +----------+-------------+--------+---------------------+-----------+
   | JSON     | Description | JSON   | Valid Values        | Optional  |
   | Value    |             | type   |                     |           |
   +----------+-------------+--------+---------------------+-----------+
   | keyLen   | The         | Domain | AES based MACs      | No        |
   |          | supported   |        | limited to 128,     |           |
   |          | keyLens for |        | 192, 256. HashAlg   |           |
   |          | the         |        | based MACs mod 8.   |           |
   |          | selected    |        | All keySizes        |           |
   |          | MAC.        |        | minimum MUST        |           |
   |          |             |        | conform to          |           |
   |          |             |        | parameter set       |           |
   |          |             |        | requirements See    |           |
   |          |             |        | Section 3.6.2 .     |           |
   |          |             |        |                     |           |
   | nonceLen | The nonce   | value  | Input as bits,      | Yes       |
   |          | len for use |        | 56-104, odd byte    | (REQUIRED |
   |          | with AES-   |        | values only (7-13). | for AES-  |
   |          | CCM mac     |        | Additionally        | CCM)      |
   |          |             |        | minimum MUST        |           |
   |          |             |        | conform to          |           |
   |          |             |        | parameter set       |           |
   |          |             |        | requirements See    |           |
   |          |             |        | Section 3.6.2 .     |           |
   |          |             |        |                     |           |
   | macLen   | The mac len | value  | Input as bits, mod  | Yes       |
   |          | for use     |        | 8, minimum MUST     | (REQUIRED |
   |          | with mac    |        | conform to          | for AES-  |
   |          |             |        | parameter set       | CCM)      |
   |          |             |        | requirements See    |           |
   |          |             |        | Section 3.6.2 ,     |           |
   |          |             |        | maximum MAY NOT     |           |
   |          |             |        | exceed block size.. |           |
   |          |             |        |                     |           |
   +----------+-------------+--------+---------------------+-----------+

                   Table 10: KAS FFC Mac Option Details

3.9.  Supported KAS FFC KDF Options

   The following MAC options are available for registration under a
   "kdfNoKc" and "kdfKc" kasMode:

   o  concatenation

   o  asn1





Fussell & Hammett         Expires March 5, 2019                [Page 16]

Internet-Draft                Sym Alg JSON                September 2018


   +-----------+-----------------------+-------+------------+----------+
   | JSON      | Description           | JSON  | Valid      | Optional |
   | Value     |                       | type  | Values     |          |
   +-----------+-----------------------+-------+------------+----------+
   | oiPattern | The OI pattern to use | value | See        | No       |
   |           | for constructing      |       | Section    |          |
   |           | OtherInformation.     |       | 3.9.1 .    |          |
   |           |                       |       |            |          |
   +-----------+-----------------------+-------+------------+----------+

                   Table 11: KAS FFC KDF Option Details

3.9.1.  Other Information Construction

   Some IUTs MAY require a specific pattern for the OtherInfo portion of
   the KDFs for KAS.  An "oiPattern" is specified in the KDF
   registration to accommodate such requirements.  Regardless of the
   oiPattern specified, the OI bitlength MUST be 240 for FFC, and 376
   for ECC.  The OI will be padded with random bits (or the most
   significant bits utilized) when the specified OI pattern does not
   meet the bitlength requirement

   Pattern candidates:

   o  literal[123456789ABCDEF]

      *  uses the specified hex within "[]". literal[123456789ABCDEF]
         substitutes "123456789ABCDEF" in place of the field

   o  uPartyInfo

      *  uPartyId { || dkmNonce }

         +  dkmNonce is provided by party u for static schemes

   o  vPartyInfo

      *  vPartyId

   o  counter

      *  32bit counter starting at "1" (0x00000001)

   Example (Note that party U is the server in this case "434156536964",
   party V is the IUT "a1b2c3d4e5", using an FFC non-static scheme):

   o  "concatenation" :
      "literal[123456789CAFECAFE]||uPartyInfo||vPartyInfo"



Fussell & Hammett         Expires March 5, 2019                [Page 17]

Internet-Draft                Sym Alg JSON                September 2018


   Evaluated as:

   o  "123456789CAFECAFE434156536964a1b2c3d4e5b16c5f78ef56e8c14a561"

   o  "b16c5f78ef56e8c14a561" are random bits applied to meet length
      requirements

3.10.  Supported KAS FFC KC Options

   The following KC options are available for registration under a
   "kdfKc" kasMode:

   +----------+----------------+------+---------------------+----------+
   | JSON     | Description    | JSON | Valid Values        | Optional |
   | Value    |                | type |                     |          |
   +----------+----------------+------+---------------------+----------+
   | kcRole   | The role(s)    | arra | provider/recipient  | No       |
   |          | the IUT is to  | y    |                     |          |
   |          | act as for Key |      |                     |          |
   |          | Confirmation.  |      |                     |          |
   |          |                |      |                     |          |
   | kcType   | The type(s)    | arra | unilateral/bilatera | No       |
   |          | the IUT is to  | y    | l                   |          |
   |          | act as for Key |      |                     |          |
   |          | Confirmation.  |      |                     |          |
   |          |                |      |                     |          |
   | nonceTyp | The nonce      | arra | randomNonce,        | No       |
   | e        | type(s) the    | y    | timestamp,          |          |
   |          | IUT is to use  |      | sequence,           |          |
   |          | for KeyConfirm |      | timestampSequence   |          |
   |          | ation.         |      |                     |          |
   |          |                |      |                     |          |
   +----------+----------------+------+---------------------+----------+

             Table 12: KAS FFC KC Option Details Capabilities

3.11.  Example KAS FFC Capabilities JSON Object

   The following is a example JSON object advertising support for KAS
   FFC.



{
        "algorithm": "KAS-FFC",
        "prereqVals": [{
                        "algorithm": "DSA",
                        "valValue": "123456"



Fussell & Hammett         Expires March 5, 2019                [Page 18]

Internet-Draft                Sym Alg JSON                September 2018


                },
                {
                        "algorithm": "DRBG",
                        "valValue": "123456"
                },
                {
                        "algorithm": "SHA",
                        "valValue": "123456"
                },
                {
                        "algorithm": "CCM",
                        "valValue": "123456"
                },
                {
                        "algorithm": "CMAC",
                        "valValue": "123456"
                },
                {
                        "algorithm": "HMAC",
                        "valValue": "123456"
                }
        ],
        "function": ["keyPairGen", "dpGen"],
        "scheme": {
                "dhEphem": {
                        "kasRole": ["initiator", "responder"],
                        "kdfNoKc": {
                                "kdfOption": {
                                        "concatenation": "uPartyInfo||vPartyInfo",
                                        "ASN1": "uPartyInfo||vPartyInfo"
                                },
                                "parameterSet": {
                                        "fc": {
                                                "hashAlg": ["SHA2-224", "SHA2-256"],
                                                "macOption": {
                                                        "AES-CCM": {
                                                                "keyLen": [128],
                                                                "nonceLen": 56,
                                                                "macLen": 64
                                                        }
                                                }
                                        }
                                }
                        }
                },
                "mqv1": {
                        "kasRole": ["initiator", "responder"],
                        "kdfNoKc": {



Fussell & Hammett         Expires March 5, 2019                [Page 19]

Internet-Draft                Sym Alg JSON                September 2018


                                "kdfOption": {
                                        "concatenation": "uPartyInfo||vPartyInfo",
                                        "ASN1": "uPartyInfo||vPartyInfo"
                                },
                                "parameterSet": {
                                        "fc": {
                                                "hashAlg": ["SHA2-224", "SHA2-256"],
                                                "macOption": {
                                                        "AES-CCM": {
                                                                "keyLen": [128],
                                                                "nonceLen": 56,
                                                                "macLen": 64
                                                        }
                                                }
                                        }
                                }
                        },
                        "kdfKc": {
                                "KcOption": {
                                        "KcRole": [
                                                "provider",
                                                "recipient"
                                        ],
                                        "KcType": [
                                                "unilateral",
                                                "bilateral"
                                        ],
                                        "NonceType": [
                                                "randomNonce"
                                        ]
                                },
                                "kdfOption": {
                                        "concatenation": "uPartyInfo||vPartyInfo",
                                        "ASN1": "uPartyInfo||vPartyInfo"
                                },
                                "parameterSet": {
                                        "fb": {
                                                "hashAlg": ["SHA2-224"],
                                                "macOption": {
                                                        "AES-CCM": {
                                                                "keyLen": [128],
                                                                "nonceLen": 56,
                                                                "macLen": 64
                                                        }
                                                }
                                        },
                                        "fc": {
                                                "hashAlg": ["SHA2-256"],



Fussell & Hammett         Expires March 5, 2019                [Page 20]

Internet-Draft                Sym Alg JSON                September 2018


                                                "macOption": {
                                                        "AES-CCM": {
                                                                "keyLen": [128],
                                                                "nonceLen": 56,
                                                                "macLen": 64
                                                        }
                                                }
                                        }
                                }
                        }
                }
        }
}



3.12.  Example KAS FFC Component Capabilities JSON Object

   The following is a example JSON object advertising support for KAS
   FFC.



{
        "algorithm": "KAS-FFC",
        "mode": "Component",
        "prereqVals": [{
                        "algorithm": "DSA",
                        "valValue": "123456"
                },
                {
                        "algorithm": "DRBG",
                        "valValue": "123456"
                },
                {
                        "algorithm": "SHA",
                        "valValue": "123456"
                },
                {
                        "algorithm": "CCM",
                        "valValue": "123456"
                },
                {
                        "algorithm": "CMAC",
                        "valValue": "123456"
                },
                {
                        "algorithm": "HMAC",



Fussell & Hammett         Expires March 5, 2019                [Page 21]

Internet-Draft                Sym Alg JSON                September 2018


                        "valValue": "123456"
                }
        ],
        "function": ["keyPairGen", "dpGen"],
        "scheme": {
                "dhEphem": {
                        "kasRole": ["initiator", "responder"],
                        "noKdfNoKc": {
                                "parameterSet": {
                                        "fb": {
                                                "hashAlg": ["SHA2-224", "SHA2-256"]
                                        }
                                }
                        }
                },
                "mqv1": {
                        "kasRole": ["initiator", "responder"],
                        "noKdfNoKc": {
                                "parameterSet": {
                                        "fb": {
                                                "hashAlg": ["SHA2-224", "SHA2-256"]
                                        }
                                }
                        }
                }
        }
}



4.  Generation requirements per party per scheme

   The various schemes of KAS all have their own requirements as to keys
   and nonces per scheme, per party.  The below table demonstrates those
   generation requirements:

   +------+-----+------+-------+---------+-------+-------+-------+-----+
   | Sche | Kas | KasR | KeyCo | KeyConf | Stati | Ephem | Ephem | Dkm |
   | me   | Mod | ole  | nfirm | irmatio | cKeyP | eralK | eralN | Non |
   |      | e   |      | ation | nDirect | air   | eyPai | once  | ce  |
   |      |     |      | Role  | ion     |       | r     |       |     |
   +------+-----+------+-------+---------+-------+-------+-------+-----+
   | DhHy | NoK | Init | None  | None    | True  | True  | False | Fal |
   | brid | dfN | iato |       |         |       |       |       | se  |
   | 1    | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | NoK | Resp | None  | None    | True  | True  | False | Fal |



Fussell & Hammett         Expires March 5, 2019                [Page 22]

Internet-Draft                Sym Alg JSON                September 2018


   | brid | dfN | onde |       |         |       |       |       | se  |
   | 1    | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | None  | None    | True  | True  | False | Fal |
   | brid | NoK | iato |       |         |       |       |       | se  |
   | 1    | c   | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | None  | None    | True  | True  | False | Fal |
   | brid | NoK | onde |       |         |       |       |       | se  |
   | 1    | c   | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Provi | Unilate | True  | True  | False | Fal |
   | brid | Kc  | iato | der   | ral     |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Provi | Bilater | True  | True  | False | Fal |
   | brid | Kc  | iato | der   | al      |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Recip | Unilate | True  | True  | False | Fal |
   | brid | Kc  | iato | ient  | ral     |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Recip | Bilater | True  | True  | False | Fal |
   | brid | Kc  | iato | ient  | al      |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Provi | Unilate | True  | True  | False | Fal |
   | brid | Kc  | onde | der   | ral     |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Provi | Bilater | True  | True  | False | Fal |
   | brid | Kc  | onde | der   | al      |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Recip | Unilate | True  | True  | False | Fal |
   | brid | Kc  | onde | ient  | ral     |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |



Fussell & Hammett         Expires March 5, 2019                [Page 23]

Internet-Draft                Sym Alg JSON                September 2018


   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Recip | Bilater | True  | True  | False | Fal |
   | brid | Kc  | onde | ient  | al      |       |       |       | se  |
   | 1    |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | NoK | Init | None  | None    | True  | True  | False | Fal |
   |      | dfN | iato |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | NoK | Resp | None  | None    | True  | True  | False | Fal |
   |      | dfN | onde |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Init | None  | None    | True  | True  | False | Fal |
   |      | NoK | iato |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Resp | None  | None    | True  | True  | False | Fal |
   |      | NoK | onde |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Init | Provi | Unilate | True  | True  | False | Fal |
   |      | Kc  | iato | der   | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Init | Provi | Bilater | True  | True  | False | Fal |
   |      | Kc  | iato | der   | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Init | Recip | Unilate | True  | True  | False | Fal |
   |      | Kc  | iato | ient  | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Init | Recip | Bilater | True  | True  | False | Fal |
   |      | Kc  | iato | ient  | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Resp | Provi | Unilate | True  | True  | False | Fal |
   |      | Kc  | onde | der   | ral     |       |       |       | se  |



Fussell & Hammett         Expires March 5, 2019                [Page 24]

Internet-Draft                Sym Alg JSON                September 2018


   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Resp | Provi | Bilater | True  | True  | False | Fal |
   |      | Kc  | onde | der   | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Resp | Recip | Unilate | True  | True  | False | Fal |
   |      | Kc  | onde | ient  | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv2 | Kdf | Resp | Recip | Bilater | True  | True  | False | Fal |
   |      | Kc  | onde | ient  | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhEp | NoK | Init | None  | None    | False | True  | False | Fal |
   | hem  | dfN | iato |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhEp | NoK | Resp | None  | None    | False | True  | False | Fal |
   | hem  | dfN | onde |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhEp | Kdf | Init | None  | None    | False | True  | False | Fal |
   | hem  | NoK | iato |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhEp | Kdf | Resp | None  | None    | False | True  | False | Fal |
   | hem  | NoK | onde |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | NoK | Init | None  | None    | True  | True  | False | Fal |
   | brid | dfN | iato |       |         |       |       |       | se  |
   | OneF | oKc | rPar |       |         |       |       |       |     |
   | low  |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | NoK | Resp | None  | None    | True  | False | False | Fal |
   | brid | dfN | onde |       |         |       |       |       | se  |
   | OneF | oKc | rPar |       |         |       |       |       |     |
   | low  |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |



Fussell & Hammett         Expires March 5, 2019                [Page 25]

Internet-Draft                Sym Alg JSON                September 2018


   | DhHy | Kdf | Init | None  | None    | True  | True  | False | Fal |
   | brid | NoK | iato |       |         |       |       |       | se  |
   | OneF | c   | rPar |       |         |       |       |       |     |
   | low  |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | None  | None    | True  | False | False | Fal |
   | brid | NoK | onde |       |         |       |       |       | se  |
   | OneF | c   | rPar |       |         |       |       |       |     |
   | low  |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Provi | Unilate | True  | True  | False | Fal |
   | brid | Kc  | iato | der   | ral     |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Provi | Bilater | True  | True  | False | Fal |
   | brid | Kc  | iato | der   | al      |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Recip | Unilate | True  | True  | False | Fal |
   | brid | Kc  | iato | ient  | ral     |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Init | Recip | Bilater | True  | True  | False | Fal |
   | brid | Kc  | iato | ient  | al      |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Provi | Unilate | True  | False | False | Fal |
   | brid | Kc  | onde | der   | ral     |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Provi | Bilater | True  | False | True  | Fal |
   | brid | Kc  | onde | der   | al      |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Recip | Unilate | True  | False | True  | Fal |
   | brid | Kc  | onde | ient  | ral     |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |
   | low  |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhHy | Kdf | Resp | Recip | Bilater | True  | False | True  | Fal |
   | brid | Kc  | onde | ient  | al      |       |       |       | se  |
   | OneF |     | rPar |       |         |       |       |       |     |



Fussell & Hammett         Expires March 5, 2019                [Page 26]

Internet-Draft                Sym Alg JSON                September 2018


   | low  |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | NoK | Init | None  | None    | True  | True  | False | Fal |
   |      | dfN | iato |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | NoK | Resp | None  | None    | True  | False | False | Fal |
   |      | dfN | onde |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Init | None  | None    | True  | True  | False | Fal |
   |      | NoK | iato |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Resp | None  | None    | True  | False | False | Fal |
   |      | NoK | onde |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Init | Provi | Unilate | True  | True  | False | Fal |
   |      | Kc  | iato | der   | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Init | Provi | Bilater | True  | True  | False | Fal |
   |      | Kc  | iato | der   | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Init | Recip | Unilate | True  | True  | False | Fal |
   |      | Kc  | iato | ient  | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Init | Recip | Bilater | True  | True  | False | Fal |
   |      | Kc  | iato | ient  | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Resp | Provi | Unilate | True  | False | False | Fal |
   |      | Kc  | onde | der   | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Resp | Provi | Bilater | True  | False | True  | Fal |



Fussell & Hammett         Expires March 5, 2019                [Page 27]

Internet-Draft                Sym Alg JSON                September 2018


   |      | Kc  | onde | der   | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Resp | Recip | Unilate | True  | False | True  | Fal |
   |      | Kc  | onde | ient  | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | Mqv1 | Kdf | Resp | Recip | Bilater | True  | False | True  | Fal |
   |      | Kc  | onde | ient  | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhOn | NoK | Init | None  | None    | False | True  | False | Fal |
   | eFlo | dfN | iato |       |         |       |       |       | se  |
   | w    | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhOn | NoK | Resp | None  | None    | True  | False | False | Fal |
   | eFlo | dfN | onde |       |         |       |       |       | se  |
   | w    | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhOn | Kdf | Init | None  | None    | False | True  | False | Fal |
   | eFlo | NoK | iato |       |         |       |       |       | se  |
   | w    | c   | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhOn | Kdf | Resp | None  | None    | True  | False | False | Fal |
   | eFlo | NoK | onde |       |         |       |       |       | se  |
   | w    | c   | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhOn | Kdf | Init | Recip | Unilate | False | True  | False | Fal |
   | eFlo | Kc  | iato | ient  | ral     |       |       |       | se  |
   | w    |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhOn | Kdf | Resp | Provi | Unilate | True  | False | False | Fal |
   | eFlo | Kc  | onde | der   | ral     |       |       |       | se  |
   | w    |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | NoK | Init | None  | None    | True  | False | False | Fal |
   | atic | dfN | iato |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |



Fussell & Hammett         Expires March 5, 2019                [Page 28]

Internet-Draft                Sym Alg JSON                September 2018


   |      |     |      |       |         |       |       |       |     |
   | DhSt | NoK | Resp | None  | None    | True  | False | False | Fal |
   | atic | dfN | onde |       |         |       |       |       | se  |
   |      | oKc | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Init | None  | None    | True  | False | False | Tru |
   | atic | NoK | iato |       |         |       |       |       | e   |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Resp | None  | None    | True  | False | False | Fal |
   | atic | NoK | onde |       |         |       |       |       | se  |
   |      | c   | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Init | Provi | Unilate | True  | False | False | Tru |
   | atic | Kc  | iato | der   | ral     |       |       |       | e   |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Init | Provi | Bilater | True  | False | False | Tru |
   | atic | Kc  | iato | der   | al      |       |       |       | e   |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Init | Recip | Unilate | True  | False | False | Tru |
   | atic | Kc  | iato | ient  | ral     |       |       |       | e   |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Init | Recip | Bilater | True  | False | False | Tru |
   | atic | Kc  | iato | ient  | al      |       |       |       | e   |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyU  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Resp | Provi | Unilate | True  | False | False | Fal |
   | atic | Kc  | onde | der   | ral     |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Resp | Provi | Bilater | True  | False | True  | Fal |
   | atic | Kc  | onde | der   | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Resp | Recip | Unilate | True  | False | True  | Fal |
   | atic | Kc  | onde | ient  | ral     |       |       |       | se  |



Fussell & Hammett         Expires March 5, 2019                [Page 29]

Internet-Draft                Sym Alg JSON                September 2018


   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   | DhSt | Kdf | Resp | Recip | Bilater | True  | False | True  | Fal |
   | atic | Kc  | onde | ient  | al      |       |       |       | se  |
   |      |     | rPar |       |         |       |       |       |     |
   |      |     | tyV  |       |         |       |       |       |     |
   |      |     |      |       |         |       |       |       |     |
   +------+-----+------+-------+---------+-------+-------+-------+-----+

              Table 13: Required Party Generation Obligations

5.  Test Vectors

   The ACVP server provides test vectors to the ACVP client, which are
   then processed and returned to the ACVP server for validation.  A
   typical ACVP validation session would require multiple test vector
   sets to be downloaded and processed by the ACVP client.  Each test
   vector set represents an individual KAS FFC function.  This section
   describes the JSON schema for a test vector set used with KAS FFC
   algorithms.

   The test vector set JSON schema is a multi-level hierarchy that
   contains meta data for the entire vector set as well as individual
   test vectors to be processed by the ACVP client.The following table
   describes the JSON elements at the top level of the hierarchy.

   +------------+---------------------------------------------+--------+
   | JSON Value | Description                                 | JSON   |
   |            |                                             | type   |
   +------------+---------------------------------------------+--------+
   | acvVersion | Protocol version identifier                 | value  |
   |            |                                             |        |
   | vsId       | Unique numeric identifier for the vector    | value  |
   |            | set                                         |        |
   |            |                                             |        |
   | algorithm  | KAS-FFC                                     | value  |
   |            |                                             |        |
   | type       | Type of operation supported                 | value  |
   |            |                                             |        |
   | testGroups | Array of test group JSON objects, which are | array  |
   |            | defined in Section 5.1                      |        |
   +------------+---------------------------------------------+--------+

                     Table 14: Vector Set JSON Object






Fussell & Hammett         Expires March 5, 2019                [Page 30]

Internet-Draft                Sym Alg JSON                September 2018


5.1.  Test Groups JSON Schema

   The testGroups element at the top level in the test vector JSON
   object is an array of test groups.  Test vectors are grouped into
   similar test cases to reduce the amount of data transmitted in the
   vector set.  For instance, all test vectors that use the same key
   size MAY be grouped together.  The Test Group JSON object contains
   meta data that applies to all test vectors within the group.  The
   following table describes the secure hash JSON elements of the Test
   Group JSON object.

   The test group for KAS FFC is as follows:

   +----------------+----------------------+----------------+----------+
   | JSON Value     | Description          | JSON type      | Optional |
   +----------------+----------------------+----------------+----------+
   | tgId           | Numeric identifier   | value          | No       |
   |                | for the test group,  |                |          |
   |                | unique across the    |                |          |
   |                | entire vector set.   |                |          |
   |                |                      |                |          |
   | scheme         | The scheme for the   | value          | No       |
   |                | test vectors. See    |                |          |
   |                | Section 3.4.1 for    |                |          |
   |                | possible values      |                |          |
   |                |                      |                |          |
   | testType       | The type of          | AFT, VAL       | No       |
   |                | testCases expected   |                |          |
   |                | within the group.    |                |          |
   |                | AFT (Functional)     |                |          |
   |                | tests produce test   |                |          |
   |                | cases where the      |                |          |
   |                | prompt file delivers |                |          |
   |                | only the needed      |                |          |
   |                | public server        |                |          |
   |                | information in which |                |          |
   |                | the IUT is expected  |                |          |
   |                | to perform KAS. VAL  |                |          |
   |                | (Validity) tests     |                |          |
   |                | produce              |                |          |
   |                | inputs/outputs from  |                |          |
   |                | both server and IUT  |                |          |
   |                | perspectives of a    |                |          |
   |                | KAS negotiation. The |                |          |
   |                | expectation of the   |                |          |
   |                | IUT on such tests is |                |          |
   |                | to determine if the  |                |          |
   |                | KAS negotiation was  |                |          |



Fussell & Hammett         Expires March 5, 2019                [Page 31]

Internet-Draft                Sym Alg JSON                September 2018


   |                | successful or not.   |                |          |
   |                |                      |                |          |
   | kasRole        | The KAS role         | initiator,     | No       |
   |                |                      | responder      |          |
   |                |                      |                |          |
   | kasMode        | The KAS mode         | noKdfNoKc,     | No       |
   |                |                      | kdfNoKc, kdfKc |          |
   |                |                      |                |          |
   | parmSet        | Parameter set value  | fb, fc         | No       |
   |                | to use               |                |          |
   |                |                      |                |          |
   | hashAlg        | hashAlg values being | See Section    | No       |
   |                | used                 | 3.7            |          |
   |                |                      |                |          |
   | macType        | The MAC being used.  | See Section    | Yes      |
   |                | REQUIRED for         | 3.8            |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | keyLen         | The key length of    | See Section    | Yes      |
   |                | the MAC. REQUIRED    | 3.8            |          |
   |                | for "kdfNoKc" and    |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | nonceAesCcmLen | The nonce length of  | See Section    | Yes      |
   |                | the MAC (applies     | 3.8            |          |
   |                | only to AES-CCM).    |                |          |
   |                | REQUIRED for         |                |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes using  |                |          |
   |                | a AES-CCM MAC.       |                |          |
   |                |                      |                |          |
   | macLen         | The mac length.      | See Section    | Yes      |
   |                | REQUIRED for         | 3.8            |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | kdfType        | The KDF being used.  | concatenation, | Yes      |
   |                | REQUIRED for         | asn1           |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | idServerLen    | The length of the    | value          | Yes      |
   |                | server ID. REQUIRED  |                |          |
   |                | for "kdfNoKc" and    |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | idServer       | The server ID.       | value          | Yes      |



Fussell & Hammett         Expires March 5, 2019                [Page 32]

Internet-Draft                Sym Alg JSON                September 2018


   |                | REQUIRED for         |                |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | idIutLen       | The length of the    | value          | Yes      |
   |                | server ID. REQUIRED  |                |          |
   |                | for "kdfNoKc" and    |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                | Provided in response |                |          |
   |                | by IUT for AFT       |                |          |
   |                | tests.               |                |          |
   |                |                      |                |          |
   | idIut          | The server ID.       | value          | Yes      |
   |                | REQUIRED for         |                |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                | Provided in response |                |          |
   |                | by IUT for AFT       |                |          |
   |                | tests.               |                |          |
   |                |                      |                |          |
   | oiPattern      | The oiPattern used   | See Section    | Yes      |
   |                | in the KDF. For      | 3.9.1          |          |
   |                | "kdfNoKc" and        |                |          |
   |                | "kdfKc" modes.       |                |          |
   |                |                      |                |          |
   | kcRole         | Key confirmation     | provider,      | Yes      |
   |                | roles supported.     | recipient      |          |
   |                | REQUIRED for "kdfKc" |                |          |
   |                | modes.               |                |          |
   |                |                      |                |          |
   | kcType         | Key confirmation     | unilateral     | Yes      |
   |                | types supported.     | and/or         |          |
   |                | REQUIRED for "kdfKc" | bilateral      |          |
   |                | modes.               |                |          |
   |                |                      |                |          |
   | p              | Domain parameter for | value          | No       |
   |                | DSA                  |                |          |
   |                |                      |                |          |
   | q              | Domain parameter for | value          | No       |
   |                | DSA                  |                |          |
   |                |                      |                |          |
   | g              | Domain parameter for | value          | No       |
   |                | DSA                  |                |          |
   |                |                      |                |          |
   | tests          | Array of individual  | array          | No       |
   |                | test vector JSON     |                |          |
   |                | objects, which are   |                |          |
   |                | defined in Section   |                |          |



Fussell & Hammett         Expires March 5, 2019                [Page 33]

Internet-Draft                Sym Alg JSON                September 2018


   |                | 5.2                  |                |          |
   +----------------+----------------------+----------------+----------+

                    Table 15: Vector Group JSON Object

5.2.  Test Case JSON Schema

   Each test group contains an array of one or more test cases.  Each
   test case is a JSON object that represents a single test vector to be
   processed by the ACVP client.  The following table describes the JSON
   elements for each KAS FFC test vector.

   +-----------------------+----------------------+---------+----------+
   | JSON Value            | Description          | JSON    | Optional |
   |                       |                      | type    |          |
   +-----------------------+----------------------+---------+----------+
   | tcId                  | Numeric identifier   | value   | No       |
   |                       | for the test case,   |         |          |
   |                       | unique across the    |         |          |
   |                       | entire vector set.   |         |          |
   |                       |                      |         |          |
   | staticPublicServer    | The DSA static       | value   | Yes      |
   |                       | public key           |         |          |
   |                       |                      |         |          |
   | ephemeralPublicServer | The DSA ephemeral    | value   | Yes      |
   |                       | public key           |         |          |
   |                       |                      |         |          |
   | nonceEphemeralServer  | nonceEphemeralServer | value   | Yes      |
   |                       | ONLY USED BY C(1,2)  |         |          |
   |                       | and C(0,2) schemes   |         |          |
   |                       | with KC. nonce to be |         |          |
   |                       | used in the MacData  |         |          |
   |                       | field                |         |          |
   |                       |                      |         |          |
   | nonceNoKc             | The 16 byte nonce    | value   | Yes      |
   |                       | concatenated to the  |         |          |
   |                       | "Standard Test       |         |          |
   |                       | Message". REQUIRED   |         |          |
   |                       | for No Key           |         |          |
   |                       | Confirmation tests   |         |          |
   |                       | only.                |         |          |
   |                       |                      |         |          |
   | nonceDkm              | The nonce supplied   | value   | Yes      |
   |                       | by the initiator to  |         |          |
   |                       | be used in the OI    |         |          |
   |                       | field in the         |         |          |
   |                       | PartyUInfo field.    |         |          |
   |                       |                      |         |          |



Fussell & Hammett         Expires March 5, 2019                [Page 34]

Internet-Draft                Sym Alg JSON                September 2018


   | staticPrivateIut      | The IUT DSA static   | value   | Yes      |
   |                       | private key          |         |          |
   |                       |                      |         |          |
   | staticPublicIut       | The IUT DSA static   | value   | Yes      |
   |                       | public key           |         |          |
   |                       |                      |         |          |
   | ephemeralPrivateIut   | The IUT DSA          | value   | Yes      |
   |                       | ephemeral private    |         |          |
   |                       | key                  |         |          |
   |                       |                      |         |          |
   | ephemeralPublicIut    | The IUT DSA          | value   | Yes      |
   |                       | ephemeral public key |         |          |
   |                       |                      |         |          |
   | oiLen                 | Length of the        | value   | Yes      |
   |                       | OtherInfo field      |         |          |
   |                       |                      |         |          |
   | oi                    | OtherInfo field      | value   | Yes      |
   |                       |                      |         |          |
   | dkm                   | Derived Keying       | value   | Yes      |
   |                       | Material.            |         |          |
   |                       |                      |         |          |
   | tagIut                | The tag (or MAC)     | value   | Yes      |
   |                       | GENERATED BY THE     |         |          |
   |                       | SERVER/IUT by using  |         |          |
   |                       | the DKM to MAC the   |         |          |
   |                       | Message with the     |         |          |
   |                       | specified method     |         |          |
   |                       |                      |         |          |
   | nonceEphemeralIut     | nonceEphemeralIut    | value   | Yes      |
   |                       | ONLY USED BY C(1,2)  |         |          |
   |                       | and C(0,2) schemes   |         |          |
   |                       | with KC. nonce to be |         |          |
   |                       | used in the MacData  |         |          |
   |                       | field                |         |          |
   |                       |                      |         |          |
   | nonceDkmIut           | ONLY USED BY STATIC  | value   | Yes      |
   |                       | SCHEME. The nonce    |         |          |
   |                       | supplied by the      |         |          |
   |                       | initiator to be used |         |          |
   |                       | in the OI field in   |         |          |
   |                       | the PartyUInfo field |         |          |
   |                       |                      |         |          |
   | nonceLenDkm           | ONLY USED BY STATIC  | value   | Yes      |
   |                       | SCHEME. The length   |         |          |
   |                       | of the nonce         |         |          |
   |                       | supplied by the      |         |          |
   |                       | initiator to be used |         |          |
   |                       | in the OI field in   |         |          |



Fussell & Hammett         Expires March 5, 2019                [Page 35]

Internet-Draft                Sym Alg JSON                September 2018


   |                       | the PartyUInfo       |         |          |
   |                       | field.               |         |          |
   |                       |                      |         |          |
   | nonceEphemeralDkm     | ONLY USED BY C(1,2)  | value   | Yes      |
   |                       | and C(0,2) schemes   |         |          |
   |                       | with KC. nonce to be |         |          |
   |                       | used in the MacData  |         |          |
   |                       | field                |         |          |
   |                       |                      |         |          |
   | nonceEphemralDkmLen   | length of            | value   | Yes      |
   |                       | nonceEphemeralIut    |         |          |
   |                       | value.               |         |          |
   |                       |                      |         |          |
   | nonceAesCcm           | Nonce used by the    | value   | Yes      |
   |                       | CCM function, if CCM |         |          |
   |                       | is used to generate  |         |          |
   |                       | the Tag.             |         |          |
   |                       |                      |         |          |
   | macData               | The message to be    | value   | Yes      |
   |                       | MAced.               |         |          |
   |                       |                      |         |          |
   | z                     | A shared secret that | value   | Yes      |
   |                       | is used to derive    |         |          |
   |                       | secret keying        |         |          |
   |                       | material using a key |         |          |
   |                       | derivation function. |         |          |
   |                       |                      |         |          |
   | hashZServer           | The hashed shared    | value   | Yes      |
   |                       | secret, only         |         |          |
   |                       | provided in          |         |          |
   |                       | noKdfNoKc modes of   |         |          |
   |                       | operation.           |         |          |
   |                       |                      |         |          |
   | hashZIut              | The hashed shared    | value   | Yes      |
   |                       | secret, only         |         |          |
   |                       | provided in          |         |          |
   |                       | noKdfNoKc modes of   |         |          |
   |                       | operation.           |         |          |
   |                       |                      |         |          |
   | testPassed            | Pass Fail indicating | boolean | Yes      |
   |                       | if the IUT agrees    |         |          |
   |                       | with the Tag         |         |          |
   |                       | generated by the     |         |          |
   |                       | server.              |         |          |
   +-----------------------+----------------------+---------+----------+

                      Table 16: Test Case JSON Object




Fussell & Hammett         Expires March 5, 2019                [Page 36]

Internet-Draft                Sym Alg JSON                September 2018


5.3.  Example Test Vectors JSON Object

   The following is a example JSON object for KAS FFC test vectors sent
   from the ACVP server to the crypto module.


[{
                "acvVersion": <acvp-version>
        },
        {
                "vsId": 1564,
                "algorithm": "KAS-FFC",
                "testGroups": [
                        {
                                "tgId": 1,
                                "scheme": "dhEphem",
                                "testType": "AFT",
                                "kasRole": "responder",
                                "kasMode": "kdfNoKc",
                                "parmSet": "fc",
                                "hashAlg": "SHA2-226",
                                "macType": "AES-CCM",
                                "keyLen": 128,
                                "aesCcmNonceLen": 56,
                                "macLen": 64,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "oiPattern": "uPartyInfo||vPartyInfo",
                                "p": "91d80f6b6958b04e87da7e3258db8dd60ba376cdfabdd635ce04a69e62bb34202f2a1f8fc4460a12cd2f265a2ab03cc0360597dfa6ce72b25b4545dd1769d47a94d82a079a0a7b8101cb628c9c6e25934f2d91caef70c036e7ca4f6567aa053ab5bbf0e6e3524ccc5204cf9884bf9a09145277106efaca89c76662c926a40337b4b2800a00e1db8592d259973e7078fae64636355846c4d3a020e451a6e36c119919d6f16d5033bf7b3159c34efc41ecde98b7431881f37ae9f26aabe19e26bf93476930939362c44465f1e7d5c46ad381da742703a685c8323a590f0e3ad462547139a880d1ea59aa712f8ea0cb3605cc8a1af8608acc30112488c396c806a5",
                                "q": "cf4ff0acc36d5d9573342664b38b9a363173cfec110ecebc2dc3ef74780ca313",
                                "g": "15a498872f9758485c0253357b957e67ffbf320d955fec5dcf8d17acf715bb2de1de7872efb4c5902fc71c5cfae4ae121cd635e5ec07529a691813e59040720fbeee9262ed2636996cc0cb3ee4d5de16006903ce9dc883a0d3d13da66ef2768ff5b8008e4dc2b188de69bd55d1187bdba5e91c2c4fe25e0b00e393b4ca590ed38e4557b78a7aa393802db7a6046eb8d6927689c3d7f9391e9803f71dc015fb78c057e4c8b52217591ef4a7919a6985e049ca5f58a2ac303f1b0a1f52cef2ab140cca08cdb9707370ab8bbcbaef91c2a250c4630e351fb63335660dcce383acb265ac615322490e2e34311ac6a2cc2cd62908828a1913943fe19f12d3a3b624e9",
                                "tests": [{
                                        "tcId": 4000,
                                        "ephemeralPublicServer": "4def03e88563f4992120c7940dff3b2c6da81c82a4b132c52916fd48811f0d6ce96fe7224e477df3a594566d0d227c561b201b36d28e19e21489961ffb773bd1849e737d2f35cd5f5ea0a24ee4577501a79c3daf4c7030a5248962e818288189addca99bbda6c210d7e695810048c48556c5f23c84892fc2a5f13d595a22a12ccf51359aeb8d3fb1ad5165fedb7ddff4281b9d257915bd90e1142933871ddb2bf8592a1c2cdef506980aac35ff8a0f0887a5384ab05084cd981fa954a60141b3ecc9fe264d69a26c120b7562af3bada0c969d2f28b83c4eb147769cd74bcfa4a02af098291974efd64a928b50ad7062a2555dae73ece0a8ef83027194aaf05c0",
                                        "nonceNoKc": "83fffe9a2cb8f97868c2e5d140ce427a"
                                }]
                        },
                        {
                                "tgId": 2,
                                "scheme": "dhEphem",
                                "testType": "VAL",
                                "kasRole": "initiator",
                                "kasMode": "kdfNoKc",
                                "parmSet": "fc",
                                "hashAlg": "SHA2-226",
                                "macType": "AES-CCM",
                                "keyLen": 128,



Fussell & Hammett         Expires March 5, 2019                [Page 37]

Internet-Draft                Sym Alg JSON                September 2018


                                "aesCcmNonceLen": 56,
                                "macLen": 64,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 40,
                                "idIut": "a1b2c3d4e5",
                                "oiPattern": "uPartyInfo||vPartyInfo",
                                "p": "d5cf9ba288ff8438650904a5fe2eeb8bf6b52b691a455b21bd3b37998f82544036ae61fe436039c66feab83ba21a5ba13e7b4c1692ac82c65309eed54e593efe9831cc82bfd11e9552d4eb7d8f2c233024bc10819c57093890ec19aa9ee915e524d81c285928a5b87acc7f496f93689ed59b15183689ec5e487fdc9fb994c4bf7e1dba57f8f12c17e404f68b5506d69f4aa98146f6ba3be1f3397e5d41c4235a18b38c75417bb9091a487db1fc89eb2f73b4ac6f6c12dc5634a342cd9d10605090bd544e1c0813aaaa3814166df84a302b8df38babe9c31e4a2c64317046bdb841fa8717e22dcf1496f9ad94c17f1ff9175567d02ab5e30601e2e5b0884e9a77",
                                "q": "ceb9916bbc14cdc9dda80481135bee68ee94f4ecadc2921261a316d1c9cf9283",
                                "g": "37a7b2a094ed6253784d51c71a4a7407f0727df15e480a02b0ff2f9befdb0e92c0d63e482c6909e5337373abe347ceaec25a9f2a23f1770c2447bfb5c35dbda80d3f00d8b6569a0165a3d52f1cff03e02b67be47b2f26ebd0fc13299fd0317719c3bcbbcbba0a982915b5d68fb4c5c483c3df12052b56ceacd16176c783d56422b1366cd5ce65922b734a1780acf35b4a658cfe8166469ace04b87a33e1e8d4603ae3f9607d1e708137d581aaf2cd86608ca06e52cddbe475f8bdb4597cd5b55f47380276c86d08d8ddbbef4ee3ca76cefe6ff9c74d4d5d1be3407e30720be34cf41f482be8bc6ed6e89ea7cc2d164da1dc1c9d0e2762eef983dc9e96f3bfd50",
                                "tests": [{
                                        "tcId": 5000,
                                        "ephemeralPublicServer": "4fc5ed02abf0791bb01ad33527bd16ee58f875bbc85de5b513ccce95d05d6c735e726a102f11a69152f1c430b027ef3f2049e07db96f448d9b016ebd9258cd33175c06c00d107c99ccfebc8e77b19c61ed7c9e1d8a3e912a893b30ec9ab1d59d2bd5133c9669090c7bcc48318a21cabffbe56477e9fda36aba9c5e4462854fa682f503de3e895579b0c51a2f2a6b1fc59bee015e8bd89041a2efafbe8ea491215a88302f6a4858ea3c0d846e52f6ea070b61dda82009bdf0ed13a077ea1777233e059fed4c45249c5bbba1fbaa6f574058ec58d56e6b3a486e0aa306ef2d63d70617f6b384fe238e82832dfeff6317aa887aab894efc9b60e6f5127581fe735c",
                                        "nonceNoKc": "1d33ef74a9f3c6e7ab1dfa77b40e4191",
                                        "ephemeralPrivateIut": "41f8582a2f3ac19cc925fb5cf72ec98f89630fec8e71853397870c3fda1eb08b",
                                        "ephemeralPublicIut": "a6f3b734391112b2ae81cb3021bc1275383c4a6c80b9a1265ae3f5a8256a0a621667f71e3e081b86bc427d5adddb901aacd4e3b7b48170c7d13cd9dccd7b04072d97a7c39fc44c079a48fa3d2495e90659786275f13b5ad2402509dd12637630de980369c5e55953091df4ef3e369880547737df1d7bd7a9d437488cb01a94b444c05ae33d6ae6126bd0c9c7be19adc752f210f68ee7657a9151ef3299b4e4e12f19ba9f3070cacfe1af329e69a2bd6416c51c7d33b183702dbd20df91ca09c5190321f59f55fca903546cc42c3edcb3c4eb30b3a4228fe2e1906484174715e0b08d9d93c4588c33739f416ca45a33faa861dc6e9fb7831cc95d2d2741533be3",
                                        "oiLen": 240,
                                        "oi": "a1b2c3d4e54341565369646cfd9fa9ec70ae7f9b0d17cc63ea2103fbaf6b",
                                        "nonceAesCcm": "6526d522a19f25",
                                        "tagIut": "9a0ade2f4b22599e"
                                }]
                        },
                        {
                                "tgId": 3,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "kdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "macType": "HMAC-SHA2-256",
                                "keyLen": 128,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 421,
                                        "staticPublicServer": "6E71B7F2E5690D279348B24B06B4341B77389942C3A6497CA9A3E7066BF84CF9DE750E235FE14EC80E17361A45588EAAF79F744C2A220B9D28B3E493744BD940FE29BDFE94B4A68BFA96E5980BCEF3A120A4DFE351468A5BB4D4E119AF03DB62647FB6A4CB25987D9A021DB7A47337885365600B750399F9CF78C74527CF2143DDCAF4ABE41DBC6CCD27E1F193F6272849D15B5AF7BD60F5E50ED9FBFD6E1190A787D37313E28BCF2641BE0E4EC47FEFFDE452028BD7765298D4607A7D03761A39AA42D567E3717991FD8D3670493FF4C8AE72BB91263F4AA1F6CC9EE492D2D6718120C6B8B37C73193E65F994515AFDCA29FC92A8F597E22C9B635BAC9DF104",
                                        "nonceNoKc": "1ED327DA0EF730995949D0DFAA00ADCA"
                                }]
                        },
                        {
                                "tgId": 4,



Fussell & Hammett         Expires March 5, 2019                [Page 38]

Internet-Draft                Sym Alg JSON                September 2018


                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "responder",
                                "kasMode": "kdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "macType": "HMAC-SHA2-384",
                                "keyLen": 128,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 441,
                                        "staticPublicServer": "37EA4A6FE4FB2D86BAB256B987DECFEAAADA9C26CA74D39EEBEE71341BD09DE22C124EC1679AE1604F0F1BFE989D66130288E6B1394BFE93FF2DE90258EF940C655831B3051B96BA97F1E4B2B493C26EBA60FFBA504700063F48B470C78A1CA12A2B05A42CB723FF0B356DEA1A7220B7A29954A3CB29E8912062D7FEBC68570155AF1B8FB44DC95A9D5D9211F464BB6A1E760EB1F2EE9E901FB4C8669E312C7E3D5A14E598FEF1AD18EAF15C80BE03AA0B4B57005B66AD98B3C35400C73D3052AD6CFFB836106189D29A4D20AE0033026275A83EC692B9DCE62DD0019405FC202EB3FE4C099F82D713D3D8EE7DDCD8F81FF5A2FB0586363B610CF64B7DD3D6ED",
                                        "ephemeralPublicServer": "A109397DC12D1EC800C9E8617C2291DFCAD91221ADAA444816B3ADC825AF86C3DCCCF24EBBB1AE8AF9C47E0E41F1B84A7EA6F5176A4FEE436EDAF94A4D837283F0A65621B905096BF80F04D48BEAB5DB1DE0641B37F132C6520F65DB0D5A8621B20F8AFA8496EC201FF2E7DC89166687BAAE006AAD390E919834F4831A594402AFA3A526C4B6A755F481B0FE179E07D3329E974FA96BCC2EAB537490B541E9A078A01AE65E093E50A63D5455E07E95A1BB75F11B5737576F0DEFE7A29EC4C2E68540BF74347694C0D53CC86F3E0F526DF48BC73016DBB02FB09D7CB68F3063AA8A28EF348DC8BE1CBDF030C42D5255BF4A587FB4B369C4FFFE6B1BE349534404",
                                        "nonceNoKc": "DC04E3B3C2E0C0F14CDB425D04B48E58"
                                }]
                        },
                        {
                                "tgId": 5,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "initiator",
                                "kasMode": "kdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "macType": "CMAC",
                                "keyLen": 256,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 461,
                                        "staticPublicServer": "9959B0B4D8E61B80642D654FF8029E93FA05111D4001CFE2867FBCBCF6084202CA99BB7B6E7245C731F2343686C076E98A1F1FFEDF4523BE78298F93BD36EC5A83352B0EC3756AF963EF700645BDD06DA78CC9CDA003AE6C110ACFAACB24829C8EB4088F96B44C5C3237E5C5413FD34B0C5A1016C28BEC11835B996A34AE41DCE0750AFC1439A4B6228A88E30430BABDC08B4DD9FFD9D5DC73D15A9E64DE077A67A364B68D477834DC6E3CCA01F06331F4434A39835B6E4F1E9D0439B5006D1B904FEDA70A68B4831341FC37C937584D7E9F2258414226BE66D8D295AB997306C58225B8D904555059BD8C784126E02051ED731A752645DD66E280D59DDCF255",
                                        "nonceNoKc": "DB4614836A5B33947EA8D38268026E81",
                                        "staticPrivateIut": "11B2F386A6ACBEBA7D09F504B4D52BDF9F0E0F72097FDE2DCD65E6A4",
                                        "staticPublicIut": "3771A4584C3A30238D8F1173EE34C6BAEF78F37C30D1A2159AA9147DC530FCADDB950198C1473063C4D9AC2F29E64E1C18F9BDC617F8BED0821BDD526896049F12E4D91C06D66D3E3CE3F92345881A5A443E715CE3027CFFEB46919557037AE7BC23BCB57EBBE92F4444C7839975A44C7F8F4416A2C05E6195060E9DE79C2684754FCA2B0028AAC4207E4E754EBF9110573380D7262DCF7A9A5EE76AF5FC183415403455B0E639D314C4A18F96A2A19E64DEFC926AB61AB50F5DF04D9CDCA98F156C06E47F11FBACC27467406910329D5700676EC30F27E9F0735C4528E66CCB55BD361A5EE600F64870E8F61DB416201BF12D7C87571A74BA7E3C9E2578B8D3",
                                        "ephemeralPrivateIut": "5610BA8A79D92592D44BF65A634E7CA81BA276F4023CBE01F888B7D7",
                                        "ephemeralPublicIut": "3DD2FB97DDD2A59B209146806CEF7218BF53445FB5F6ED4444E608A923BDEE4BA84C78B0ED1A50513B77985F859A65FD0DE63ED05A39E1ECF9E338DF9919820F1086433B868BA97ACF19A4FC07267BF4A49BA22E26B1F65402FB9D53FFCDFF560FB7826D95C222A0137E7FB8FD927C60F3A877FF34B587BBC123FD785856EAD897BE9833DA08DD8248CF642B03248392EE113D1D3EC6BB8C854171FB8E0617258507A7E614D465AD5B8A26F4C8CE313C5D12312B2A93D143DB8BBBA25BD13A90D686C8CAE1C5CAC15154F1EE4308C25477277ABCA2C786A5992B4B2630B73B6E436E12A102875BFE2C6FE9ACA97266A81138D0AB1D59BE7353B6C78C1322BB19",



Fussell & Hammett         Expires March 5, 2019                [Page 39]

Internet-Draft                Sym Alg JSON                September 2018


                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFECAFE0C702E54817AD2878111B540EE479C",
                                        "tagIut": "72E1D9346A2840777B3860D9B930A411"
                                }]
                        },
                        {
                                "tgId": 6,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "kdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "macType": "HMAC-SHA2-256",
                                "keyLen": 128,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 511,
                                        "staticPublicServer": "5009DB149D378FCD02BADFEA1AD5A4A1FAFA90E6144F10211D325E977C9FFC38457AA85E0885E35551EA5EAFA25539934493477C1609942A7CFE44BF3F553386FB2B27A7F05468991B56D3BEF186D751A24C299E4959CC7C7AE931A0EC7D548A0FC383ECB0B6AF3725A1A57CC8F76762D8E30AA082A7632458E06C2B62B52AFF7D6F2BCC48244B5C1B2B22864014D3683D14EC7BCDB964DD49FBE9CC35B3EC49E5600C1D3009E4C04EE2BDBB5AFAD2FA4B1DE49B2F9A820B5A443C20DF3121FC6BFA080D4035996227F34E68496E4044A9F8D13A4DC252C2F48C1C1A9DBBFBDCA43B529BE19746C2AEE434A13E249BE8B67A3C145CD9E15AB14FF88B2117EF43",
                                        "ephemeralPublicServer": "29C3A5172136C0D17DE1C7B46C7B8E300E49C00E485DBDB0F2349F912B1D649C5A0EDF69D196B3061AF90FF2FF54365613EDD78ACE456EE066B1B7B177A0FB00F429169AD6D6143DD9B883D28EBDF56F2AEB63ABEADE1306B3F4F6959395CA26086D69B53A6DDBC736C5AF048ACFF9C1171E647B2CFBCF7B1020D83792188F0B3807BF8EC7E21D11380FB1C4A2450A459EBE1391FE72C39759A8B7DE8D08E1EAEFE8F8A227C076CF0A0DA29909D40F729D4E0F47870E662ADEF0F4AAE632868EEF50C3F9E256622DB9F79404774EA851B296938F5E5C76C2C4C4A934B91A16F4A9F7B8833D494F231A492457BAF986DD3273FF67FBB163F54A54ACC5CB2049F9",
                                        "nonceNoKc": "6BC3341BD73345D9771F842A44768699",
                                        "staticPrivateIut": "31DFEBA03A0F42B3CA14F45B413527C0CB78AB9FC840F6781F3F1546",
                                        "staticPublicIut": "33CE93E95F8C7C8CAC844D24CA346AD3287B0AC983222EA5012F49A88776A6FB177F0020C029464D42D0B4484B3384C321057792B3852FE85EA437EAA63CC063D2C73E3F5D8B54DCAC9C9E9C88F27D2A1EC74509F8E431565D2BE234CF1A737E705152901A907D4C419C9525EAED331688BD15457015AE4BA5AC476BF6E86DBF1726C39A06818E14E61DD6DAE3C3A9EF5D27166EB295630F7DA888059D4BE0B803005B1E350C35FEA7585B92B9F4A499BD0DF89630CCF40AA3C557723C7C948D557115B0EECAA2B1D5D4544B1C4A8DBE04A60870292BE0CEB40F08BF409001D7A5D8DB01C19555766584816A01FAB692888ABC68FFE31DCCACC400D191E9D135",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFECAFE71CAD14BEB7B210AD4BAA4D9CDC8E1",
                                        "tagIut": "F20532B36666B0204DE17195E9C4DC89"
                                }]
                        },
                        {
                                "tgId": 7,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",



Fussell & Hammett         Expires March 5, 2019                [Page 40]

Internet-Draft                Sym Alg JSON                September 2018


                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "provider",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 561,
                                        "staticPublicServer": "82122FBA230C65ECAFE305ED20FA3C640E15344C3093D3E3BE2907F16D4EABD6CD4876E3D7C136BFF31DC83D6CDEA591BD7C9090974787C19C503010A19E125651E5C74C98D00530ADB7C39099BC13E4587A69B98568B200CB25370651292F513E7DA95ED8D6EBB9BC8C2BB0DAC6933B75DD5E3086C96964FD7ED2B7891CF416CFB233D85DC00EFBB069E38C35B70E3AEC7527F458972C86A634E532FBC9B4FAF4CC97AD7617841300AD41DDE93991047C4DC277DA09CF2C2EDD1A386DC018736AE79F18720CBEA82A71085FD092E678EC646FFE180777A80D49C831B8238A81373EA061F16975FE5B84E261B2D2CA6534B92311E390C033246E3DD6CDECEDB5",
                                        "nonceEphemeralServer": "3D8C2739CE915A3E2E67B252679200E15240B659C57539E4639C4F354CBB9736D8A51C2DD522CE0597B1998D0BE3A8E82641647AF1259C5ABAFD5B9C96F2EFC7F4BE36107B2622B7BAA77E61CFF3E1BE38E6273C828BF50FB69854F8D989AC16126980EDA2E1CF4D7DE706E63452F20EF635254308023174ACD9F14A74A09EC18DB3B3C201D8F45E29303EB300A1E9A7E3C899784A3ACAC62C82C5963FF87EBC9B07871DF9D6D68FAD6F7DD3C95DF772703143F25D3AC815D1AD99D867A1CDA7030711F7135AD926BAF7B212509C74C55A2D380D9F81C4ACFE9B78D2FD91875F82CE6F3D22519FA93EE37422E6C7B14980966AEF01507572443449B303170A2F",
                                        "nonceAesCcm": "37CC8408E6C20632"
                                }]
                        },
                        {
                                "tgId": 8,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "provider",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 621,
                                        "staticPublicServer": "892E651BBA6E9B538D6DBC463B2D36C2A1DBC5419DE3A851165FA9EF0A13B607C67B0EF79022D8FF16268D369833D90F70DF1F768A366B05795591B1A9B86442F7F4C6E3B787389216215F31E253581F89AFC6013AA7CDF69C519F19EEBB7C43B55B4535F0B8A070C99D744871909D2B8BD7CFCB52DEBD7ABF5D6D063BFFDE360DF58E4F1FDDD2D677B345C453D02ABE199D5BFDF411B0FABFC8558DDF811F1621D3FB1145470A3AFAA8E4C5026CDC71F25AA7E3F126868B8CAF7EC503C0C611E6B79AB872D1E5391CC59125A510D1EC6FD7989ADC1B84DCFBB4A4B9E66CE04AB0000587FE8956C96ADF1514E69CF8564BF761CBDACB341A3E1E236F2B16D789",
                                        "nonceEphemeralServer": "0F3B5A93A6DFE6EE5C422F48CEF718A199ECF411DED531D83C12525D5AAADAEC26114BD6F41DB81146B3890EC70419CCB123C2F53FC5965A124EB15FF12DA1E651F64CE8C3C9C45BE134D7742F4427EE71438BFB902BE273F90E9FB9799A451D28B952EEF28B0F3C1F522022389069B2072AF9364ACA9FA3E53F73D305E4AD01560F0498F62F196B7AD5C62FCFC8B26DE2A59D279B9B2D2D51491D0CF68A12E582EFEAEBFD4B58A55295D278F7F1ED034B6A5D18C930F140FA02E44FD46B004D4EBD20BCCBFDD740BD67578DDC28303698F277F7D760A3A3ACB5E9D58C160CA922AEA0272785F5C26135786DD39DF5E4D87165E11423FCEEE54842C1C0387636",
                                        "nonceAesCcm": "E660DC439C9112B0"
                                }]
                        },
                        {
                                "tgId": 9,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",



Fussell & Hammett         Expires March 5, 2019                [Page 41]

Internet-Draft                Sym Alg JSON                September 2018


                                "hashAlg": "SHA2-224",
                                "macType": "HMAC-SHA2-224",
                                "keyLen": 128,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "recipient",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 701,
                                        "staticPublicServer": "8BB1CA78663C08555F47084FB2B9016BD6AF157D2F90AC6127B114F2E2DC53D11CE47EC90E6835D2A4F65A09EB9E6259DD49ECCDF123EFDA13636CCEBF9731BDD5D52AC92B1CF7DA2C3B4BED02FC520B56F960E2BFBFC8F650E883DE7AAE68EA26B524C36B95F106FE4ADE9CAF270ACCDAD7CE7FBD753C351F29D65CF75D531BBDB89656ADBD497C177F8DA3AF87EC8421D3114C848DF3C602250AF6EE9D0502A01BE2B0AA429D8F33958B068C6869F475E72AF4FDBE711BF525C7B698BF64E180D7CAB16A3B98D4B7ECB3A694B054FB9F04253F96887CBFF9AB7F5A14511BD55F51DC74912EC9C3B656CC3FCF82FCB5A26743E73C8F777D0E4EC4C8BAD69970"
                                }]
                        },
                        {
                                "tgId": 10,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "recipient",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 741,
                                        "staticPublicServer": "A34F183F3C3DB445D5107BB9C8B2B7ECD725D1A5B7EA796A9E64DCE60204DD73719DEC7C1E8DE17CDD7673FEDE4540029A41A6A10A1C5D12499E98AFC2777CADF36A1C82CF1038AF74C1122BE930A000E3A0528ECA7F8D9C070853B2B42135A3FCC1656A2CB9867991D08C797D78BD3AA7F22FAAEF2BE2EDDB3D30E1C433A6BD9E4D10A7FA241906DD3810BC88DC5096A9C30B2FAB17CD25B0AC2A3D29A1EC105B52F2815CED9CA6E3F3AFD96BE94F9FF569E4C66FC9480F4DD2B4F2136B3B39D7D5D329A0E776317A01BDC2369DB6900897E710673EA819572491162ADD71F2D9461D1B591D7F0CC5112C1461FA6809C1AF3F04F33DFEF500727475A5474D23",
                                        "nonceEphemeralServer": "CA85E0A9365BFB31E9276C69169B28EEA553BAA32F386C4582FE5CCC80F4EB4A3890B09B0F8A8DE47FA3AD96E8A1531743571C777411C77B21EF34C3407BD596BD540A69B36B46C1CA2FB5F7B38D35B6C19C48558BA99F43FA6307554C5713359A61241D5715B48BADA7201355C2DE2844801B53B06FF8E272627F67F7F369EB420AB992B67937DDF0F8C5838C11A67ACBFE49B542564054F4DA978FF2A484722BAC24FB3CAA278D365EA9F1C4ECBD09F2720B7B6695976706F63DDD076E3B9AE98970491A98ECD77AAF4ADABD464A31B89FFD2E3E6EFC9CF63F932881A13D813967370F1E75A8F0A04AE962318EA7991FBE7E45EF740121998FBEC3888C2163",
                                        "nonceAesCcm": "2F186CD57426963A"
                                }]
                        },
                        {
                                "tgId": 11,
                                "scheme": "mqv1",
                                "testType": "AFT",



Fussell & Hammett         Expires March 5, 2019                [Page 42]

Internet-Draft                Sym Alg JSON                September 2018


                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "provider",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 801,
                                        "staticPublicServer": "AF1DEF1F34183622A32FBB726099678EA04ABA794844D5CDDAFCC405EA9F3F280CC4A00312DDB0B0C8A1228ED156274BC8114B4856B2A51E3A49C111BF24B6FEB96B21CA1408467204A10AAEAB54342B0BA67654FA4868024181C6525F59450FFBD12F0878B2A68BB0A17889C2CAB189C411BEF7AC57E59789886DB3B3B984FF69DE7107AB80EC0D20F1B450316B465B5CCD9C9ECB92D5E523CD224E1A88E9DDB213D78A21A3133E3C9FE3E7027F18EE28D5057E934111CC93EF0B8743AFF54B81BD1D5F31B3A12AE9C411CCE6A25BC3E752128DB18D8C034F01577EE49892A2014CA13BFCE1EB99FB086966FCD901AAFC574B5EECD3B48A6DB6EA7027DFE356",
                                        "ephemeralPublicServer": "0F911BCDE004699FD4FCC863A37BE5776BA36C9C1F05FB5A0439E9B0668E5AB9346EC9F4DF3DE455C0D96F65DCF022AF2AF59FC9042095C8FC532969D8AE1EBE7FE2A1324129F708823DF4DC57060E23C327D0A0A0C62D76AAF7D530DFE85F1A006816E85B491D3ACBD46859FD6ED4839180D4F8C8D7AED11757C5CD47D9A265383482944803FB4B1A8553D59EC2B65B87B35804689518B9D61938E7081DD75184443AE865695D81E9AD5AF6DEAFC4D8FE4A73E0F642C70BA9606F2A52A3E5BB0E09B6CA34F8217247E4B0BA28C18827D94D59211E9158A7DF4102BC97E4468968C6ED93F656E02E71F94828E69D8B512F8367CE70EDDCBFF7DF632828114D20",
                                        "nonceAesCcm": "D0D5B47C412EEF48"
                                }]
                        },
                        {
                                "tgId": 12,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "provider",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 861,
                                        "staticPublicServer": "94C031FB6C908E2BC36A9429F667BF6035D659C0E4E3CDA9F2D77FF09B8A56E6D73E641C2D4B27104FCAF643A998112AE875E79FBFC7DE584B80BD4AA7A32095E1EA6A55DD94A5A3B63645E0F52AEEFDB8FFBAD1251F6F7EAF277663C0F844CD88F064D9AB351447AA50273CB40248889423CD75F195286882E6872A7FA0690A1E84B2DF798B9C6FFE54FF2BBEC20F655A28099215EA4579FFAC969C4B09DE209F88CC6969E9536AD5CA05EF2F8F71C62B09C2F8E67E42C0D5E322E7C0BF551124408B37B32E814F05DB794719CD7F4BE94240986B91CE488D5B76630243D92474E22DA92885469D5F6686DB1127F1191CD6B9046E52E5FCAC1D552001FF8063",
                                        "ephemeralPublicServer": "3AD77DACE248A4A680EC9EE722EBA556BC156F0AB49B14319313791D71438FD89880C1E57C502A2D82C7B51351F53ED7102766EE4DA86240B1E29FFB10409441AB73274765E88BF4E7E2AB8EC29F3CEA9BDDEC0412301BD3724C3C2D4E62EEDE8FAE7949AD1B9F769008562FE66734F06896B730141A93B9245543A948C3B7911E2955AB9BBA2EA3A48FD0CBF0642A9ABC736120A12C8C41997C9494A90647D17A8B3363D07B11887AC8709EB3AD4BF5D072862F6C7ADB3B1CB8B2A1C2361D1CF13D662CB89F4CC9BF059F7269FAA448CD5B296670FA53EA0517C5786DD6B0E1736BE435BB077E7A1E2EB3A6EB6560F9F26E92F0DACE7CC467089A68DD6B7AFE",
                                        "nonceAesCcm": "EDE971BC462678E6"



Fussell & Hammett         Expires March 5, 2019                [Page 43]

Internet-Draft                Sym Alg JSON                September 2018


                                }]
                        },
                        {
                                "tgId": 13,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "recipient",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 921,
                                        "staticPublicServer": "DA81318338F7CF051CA00EF5D21B07F62C2E2B6C18A7E54AA3439704F68FD61B969EF8A88F645A8BCF29E7FB5665B990F5BAD473342E39BBB29D414D6D697E7A1DCD79053E4BD39F312D33654E03512C915CE5B755C50A4D50479E4C4E3D2880104B2D0B3EB3CAE2166210AA19FEE9A85C58D17A214A1884C258A283AD5E1A630A24B9C5DE8399F68A3DA25C918F6DDF6A3612809215B82E8CA4534CE0DA2A5CD91A5F8C001A7E4877D62489D35A3824525865F7AAFF04B000EDABA184B1E59C7715933D191B9B92BD7893CFBAF4D16A3E125F0234166A7A8F00810FD886526BC2D509DEB370CF03C37D818CB234C4A6BA3F6AFE93540E46DC2FAA98D51F3037",
                                        "ephemeralPublicServer": "66E9F8D8EC9D30654E3213DD4EC045A92177ECF6B08669A68DDDFD12484EA28158AA2BB33E16576C69C8A01A7BFB28AD944C383B73C7FC298784127347755E89A699F42B6B427699F45F88E88463EFD563511B1B141CA005670BAC16A716C3D87B51497AE43ADBBE51CDD8C733E78B128EDECB0D90F80E91E51251C24BE2CD8FD224B474EC991AC5AF5EE68E3971147979226F88A212D42E9F8739ACA657EB5EE3B1F29A2C3F0DD04835FE507D249EFFDB386C6E7391BFA4700CBAF916AC9EC071B6570518E2207298FE65F6EBF764D0A5E929E0AF230FC9DEBA24EFCC239E623822250177305324D8F35FFEDA7900995A550E1E112F6D7A0DB1AB8CC69A442C",
                                        "nonceAesCcm": "35DEA4B3B6FE3427"
                                }]
                        },
                        {
                                "tgId": 14,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "kcRole": "recipient",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",



Fussell & Hammett         Expires March 5, 2019                [Page 44]

Internet-Draft                Sym Alg JSON                September 2018


                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 981,
                                        "staticPublicServer": "44EE0E863BC073442A70CEDEA10372CCBD09B1929F654704247C4601C983BE6AD7A922630D5F752230624B27D343E9EC6314CF83F10681E09B3D3770B40F94642505E4C56FD8843DACE65978216F181970CCBC554E6DDD7370732D8F332495BA884C1BF30313794F44B2BEBFD35E7210ECEEAE1D07D113B1A0E18E99D9FFA54CF6C2CCA60301C6DABE759214E68C5E85DF5DBD709F2E7C377939AC468EC2E6555C34B7EED5DE754E62B79E1443D7E600661D73D43B448D87428945D9C3148FDCDB3BAFFF250ABB6C0C9C6029CF2916DA2670B692AE97376BFCE703A0DCB5ACFD885D5AA0DF9BBD9B9CEFD017BE5977D6BFB37D06E1B297E1BB66C62F6F2A135D",
                                        "ephemeralPublicServer": "5C6719CEE3A9002AC457A78CE8214E24B23F06970EED6DBB44AF4410C4AEB9B3A777CCB103187F089E0391B35127D680F11A2228578E9B36EF80C5E5F8F0545DD99703C2AD459C805885AF7F5FF80444EE2049DD31B28AEF90CB55608D12DA053C839F796B0FC847A5912B09243C7B4513270C4627C39B0A4F9A2EBD52F176619F936843737D8BC3F12800696C1B9166FB92B1A0DCE2D6EF695189D8412FB1CD1F14C8FE2D91B9953D8C93E35FF00FF54A5D14802897547674892CC5E6DD11AA6EE83AC8FDB01F83F819B91BCB29BE2EEDB9A38A4C7752314827C6FC2B4D6B27BD3CECF53D237FE0E2BD80314F4BE6613B4F33D5E19975A2379122C792A6E06E",
                                        "nonceAesCcm": "B45755807B729C8D"
                                }]
                        },
                        {
                                "tgId": 15,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "provider",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1041,
                                        "staticPublicServer": "02170627DE6F40F8C899BD71D761AE93DD75EB4AAD4151E26B3D7032016D399665E8F6AA957DB405243D32F3E347734258C83876E34D0F303E21DCDEE119F691B82F50967A1A23579C81A30AC2FC28C3C0DE5BCC96E7A501DED1FFE2F5E6E85CEA270109F17552B8B42F19F11042D02FAADF33803295495B779C1CAF1912797ED29C434785D76437D8E2AD860F5EAD9CDBFA294AED0C1A6CF1A0AD123F3BCA1736C379EFD74276C8D1153BC5AD8A0AB7D5EAD45782384B6083603AFDA1B16CCB3B0D0A20DE8D8D0BE274A9031C610384E80F877873AE58F8FD00A71D937392E5FC94C446EF2257A192611EB9F64088C560F8120E4B1723961CEDCA1A0B968F20",
                                        "nonceEphemeralServer": "1E9B67AECABEC61FBF7666205E1EFE0F1656A241C1F4106EB4411497E1723C1210AF9DA000A2BFC053033E84DD04B263940E353140056FBB3C6850897E1922FEFA44241082921D4C87E24731B04DD605CB92B00370375635BF1F331EEE46A29A34EED1B3097DF64512A568963A2FDB70873FD021B357EDCBF72D8E78D830F1EF7881608BBD5D449BB3635A5D024E624E980B4EE0361B1C957A8F114D19AAA96D036AE49D7E737CD51F063CCFEC675B097AA823819DF55A5D1FDFFF3A3363A2F03347C55D57DDF7BB8DECD690793B747AC945B0BC9BDCB4C8C83C7A752F09C2F597B50A60E1244F2B65BE5D51BE22999A542F43F6593AA63EA7A682A7085C7AEA",
                                        "staticPrivateIut": "E3FCC5CEFCE5FE934289C79622486E9CD80D14489E95519A4A15A10A",
                                        "staticPublicIut": "CD25A49630B46B2261D2B3123C2B3D6C73E26785E4F1CD2667BA20C5FCE3BDC05562D5BD0751F81100C0E218C9FE76BDC46195CDA2FE4AA70FABBB150BD1B6BEC01091D8002F017BAA7EF1C5E49D413156936DF32AD8BF118ADC61A217CFB60312696D570D06CEDF80253E6467B0B7FAF130457309D9D7A1B0EF9DC9E32134082A9138E0FDF6D39083C46DF7BE3452077B2F58B2413987411CA3CBA695E624060B5E064AD9CDABBCE8D6EAC1CBB17FA003BBC578F6D99AAEC25E0B9C2E258D1471DA57EF494E1F954AF2F3A6E73BADF1FB55430B3E12F0411D5276D2E2879F0CCA8F91085A50E6A8A23CB6EE5FB76742D7EB3EBD0F34E5DC832F257B4372C16D",
                                        "ephemeralPrivateIut": "33D1DD6C1F7161F55DECE654F5CD5728421FEE931A78B31326589B2A",
                                        "ephemeralPublicIut": "86F7404F39265D26599824759D421D09DAE89C8BF71B229B993D2F82A902A3559D3F0A0B3B5EFD74CB218988807BD975B309E6787E373F08DDBC516B267D3D92A194251800B2883F8A7C4ACAC0B664600692C34040B1548F6DED2CD30909A0250FF105D4C388B52680D3F318DB55843645035455AB807119C231E4F8A0FF8C84C62337A4AD4624D5A63DF781E34CFC05A0712ABAB89DD3C3C0DF8FCA536AAE61897E49F577E549398A0F959FF95BA34FE24C4E5616132785842F3673FC5F22B12C4A670BC4FF51EC2539F5BB3529880D3EA045F350D34AD5ED01DC1FD0EEA14372A9D0CDC8BD5A86FBDC30067040D989F0682FC02388E261C3F3B9B7797B6819",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE12346DE2A120592CBF724D26FD3854648D",
                                        "nonceAesCcm": "D19A63EEA4CBD552",
                                        "tagIut": "675E9100D4D2437C16697FA7078AB354"
                                }]
                        },
                        {
                                "tgId": 16,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "initiator",



Fussell & Hammett         Expires March 5, 2019                [Page 45]

Internet-Draft                Sym Alg JSON                September 2018


                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "provider",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1191,
                                        "staticPublicServer": "98391383CCFB54814576F6D22CF0170816950D9F8FF8D64C2A1BA87BACECDB452CCAF1B26F0A977706C6406249BDA46A7DB660879E2E7ABD2CE86B1051F8849362C6E241D649AB83E218A9C5161BDB99E5346108EEA572AE38A6686EFF9E75BAD73127BBE6BD34919CA6A58F41324973F75257E291EA565068EA1C7D5E4523DB0175BBF35A752916E8641DF0EDE5BAE398287D69E8F1710F28A683B6A018EEB5663BB11E31E7FC41117F1B019DCF93D63C03C6F20B89043CE406F955231E8E3508B63003815B5456396BA2E618A59FF59F65F5D9F7D4BE5EA45537295C7FBB91BB17FBF001D21A8A5A99612146836BA66FF1935AEC7E65D8EACF0173B905520D",
                                        "nonceEphemeralServer": "E6FC63D94A63C77E55FECE73FDEE073DC82D9D30C0A65E75EA76E7D2894C0E95DB58B222C467868E6666D8B13B134BFBE8EFAE02A9302C981F2840D1F12EE52DB0098648E9EF2D76304661ED3F7D9D2B48D9006F7ABF9F62A19B12F2DEB6D5C754182FD83E93D5E95E28C24892CE34311A1E88C7F63A46E0E2C4DCBFD98C9FF28FF4BC74AFB849D0A0F6A9C19F81277D5BEB7E7DA964BC108DDF91886476E008EA61CABA4C901C999C312BB24AD3BF744D4035B994895359AE0804CC51E602CCA8F4945EF674BE90A41207FCBE6A1991ABE36E664288FC7EBFC02F0A20C1ABA32EE91C64656A57BBA677429008121ADD13258DFD8A30B6C558FAC84E306408E6",
                                        "staticPrivateIut": "CE08D364B505192659AFAC7DCF645578183958DB5B801B662CD05DDA",
                                        "staticPublicIut": "8DFF6EBA64C878AB81365E96F61F4E13E40362043A760CDDBAD69F932E2B23665F07D8E115111A11B1A28C568972EBBF93AC0409556D585DE08B6DB4E5B6C3664E4F7CE4CC88813D4D4DF877E7364A94E6C0729D47D992724CA922020D712E44443A4894D30DE749EB55661F53886C2829A2ACAFF62098B4AD5F0F6B060C3EC79F623D1CD442820CA68C6810703547C93CB63F7D040D75BD08D5622751F53DD0F9D6FE50A86D0011846D1C7293B442967EC6C313C6B8D949A71C3148220302D00BE595661E0D6D40CF545F339DBAB0DD762ADDF34B975C00D1215337E65F6C24871A776398D61AE80C3953F2FB085FA68513252EFD2AFF85DE3DF17629BAF3B6",
                                        "ephemeralPrivateIut": "CB3F1D45D40AC9D89FB3A4F70DC9DFFAD19438E0E016A650C47E68B5",
                                        "ephemeralPublicIut": "D51C6F1214D83C2D0695DA2E85CE153848B8FF511220DB4ADA7831B67171AC4C4D70952B8E59F7A24554851CDE8A940924CCD01F074F97CE65511CC6F426B39321FC6DEA4CABA7132C087026360B3CAD0DFCAA594139D977A6454894A14A148C2B91814109FA567BB1D4B33AAB20E88FEB6D9B37192A9417ED3B891BCE3CABB610364635B5386BF00480999AF110687C53909FF05E9060A7AEA9FA5149E55565EDBD0A58D423A2E49953BABA1D299AFE75317262EEC333E82E41CF38BB7876BB35DA0F668C036BDBC06D6F49F31F0C83C69ADA3CAF5C1D873C0B940DBC9E453D996BDFD572F210657DCA782C128FBEB1CE30C919E1D3B1A47678DB301CA6A49C",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE12344F588C8270ABDEB66A5FC6170247D0",
                                        "nonceAesCcm": "9F697AC59FAFAC14",
                                        "tagIut": "DD8630597AC383B79424268E560966A5"
                                }]
                        },
                        {
                                "tgId": 17,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "recipient",
                                "kcType": "unilateral",



Fussell & Hammett         Expires March 5, 2019                [Page 46]

Internet-Draft                Sym Alg JSON                September 2018


                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1341,
                                        "staticPublicServer": "A679B9D9BB321D33371BFC2072DC8496994733B50647FA1BE763E835CEE48534BA5E31300EFF8ECDA6896134BB8A90AA016E36E7665C727E4776DBA1993B3CF62F90AB7729ECA9BC80F996560CD45BF65E1398B57C6759F125E3DD63349FB3F03A70442524DC0A1EEC52B29164198FC1D856CE1EDCD3489049958E5162CAF3C781F741AC7598855A66DBB2C8F1BE5F11C118323F897BD84C99F9357268923CDF4E52825FC495A90C0B86F68DCD8F89E867D10FF7BCD5AB79405228FD793B2D62BDC530CEFEBDF49BCC08C5C57C843AE948BFC1F74350AF6C65A79B3A52279F94D572D5696635597B91B03F9DD47072E514F6EB64059EA7829306F04755CCD0DC",
                                        "staticPrivateIut": "944A5D33CB1BFF9F8A2762B0BF18AE3274C97F7E9F0094C5480EA2F6",
                                        "staticPublicIut": "16CDF697CC07832AB9BBDECB5D18F3C7F2840B1286407FF18E8AB1133643A9D8A37BBAC357886D4D1B953153B2A544E14FA5D7FFC7D5C3057300C3194ABC15D2A04D097C576A40EE96D3C78E541A18F087D02126A0158ED553A6158F38AC89B349F84F535FC18EF1DDD88602FD32AB8F18024E8D17CDBA8924BACA15DB5030FC4EFA2BADEBB0713DEAB53D076FC26266B8205B4ECA51A2A197D68FDFF5C0D812396C29CC760C6C5A489C7982D6D5BFA875E451D03F9BE43393F7088ECEB98AC7B85B8087F0C68036622BE121E4DEE66EEAF588E6CA835F233F6E22B20F062F4F1701335107DF10BE35738AC037CC98676338311F95FE82BFE59B45F474CA028F",
                                        "ephemeralPrivateIut": "89AE5C57C633F93FCEC3CA468C03C9C915848EBF0D854D8D7F0A0748",
                                        "ephemeralPublicIut": "4FABB7AC021C510FBB092E1C0070BA16FC71AEFE5D2283C127672A15D0E7B9223BA455EFB4B9D03E6FF4ED0AE10F82C228E7DBE854E0D5507037B541FE5E36C5E34833663B9DE4E31E1EB0A55E3F74220D397AC319D078B295B805DB95512CD0724449798010F36A0BC2719376F6D1EA9E17E141F8AE2F5840D5AD9F3C5757123C2AF8D836997CB5E01D4163C0916C9F62F832261EB3596816DC84069EB49042AFFBF4DBB0D33F0CD9EC74C1FF9224BD0F2EC4E9EF1D86676BECB0EFE5FEB6B0C0DD4CD97919C87D8BADB2D3C072D8EE4C0435B724705EF4CDF6535E5D292843B3367CC0AEAEB9F4EA4D9417ECD5DDB7DF7058331DAA442CF82EFF0FFCF9F17F",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE123459D3C3FDDEEE446BD96F4FFA30EF41",
                                        "nonceAesCcm": "57D68AFA30D5994D",
                                        "tagIut": "83F4FD5FB96722E8FE4386C04C0BDC3C"
                                }]
                        },
                        {
                                "tgId": 18,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "initiator",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "recipient",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1491,
                                        "staticPublicServer": "324503C4B8F98F55EC12C217A8E1874B2B917A8E5D56911712C8B96C9F157A27231A227C87233AB56EF52783AD4A5B6E3BC892DC6D826C9D9254832CBAF5DE70404056AA5903E71511EFF4526EF4A0708084B9F222C4E7E8AF335F798F664BBAAB5C7D2B30A10FF1E01CE762B1AB46798D1AA3A91840C53DEF8D67ED5D6286F42FD6ECE078A519ECECF42E95078268738C81D4A7D6038315847CBA35FCFB6B9D66B405BBCBA6B1E83458EF6398AED158B8BFD36CEE2C31497B514BD3F56C28E62AA870E2BA395028636E084B2488D62E2AD57AA2FBB6CB986AB3F6B08E2802CD6A1621C4C95956956E38111BB84D7E7CBCFD4568F89A6CCEEF2A682C5E426ACC",
                                        "nonceEphemeralServer": "A30DC780FF140C17EF497261C2C8F5E54117CBEF63B89A17820D1B6997CF0B84FA344C84D7CA27EBC3B2B16C0C33534EB6D7A75F4071DEEF919E4A2600CFCAA0B57F941517ABBDE8770B6042A82CB5CD341B386170C1038F4A632F94B29EF724F55998C200876AEF39182143002953C132FDC5F7F3C0FA4E41959D819AF600984F616CFBEDE8CAF9132C226B104524E7E5CA8AB3364685615486AACB817E1B5B8331882511388CBDB1FB3E79224FD5EC611EFFB65284C9D8867D337AA57BF551A544BAE5318606E481DC38001F0BDF8700504777CFC1A03D17BAAB171C0D99E9FC5D8501D7D53CA995CF78F2C1E192319450873F65F1AF2A4591BB6D2F9CB4F9",
                                        "staticPrivateIut": "86586780FED8E66478E55CEB38AE4EE085EF4C87ACB542A3DF343D6C",
                                        "staticPublicIut": "D256DBCBC143818664903D45DE06CEAB1FDF5C3C92C26BD7B3E53A006CDFA13DFAE50E096FE8910A1CFA54B1C53F7E7CC50BECB0E4EA0E6508079EBABAA51CD9B2ED39DA63AE65E7EED15750DCF08F3F50AFD1A1C461533DBB28A2A3D4A653E93AD46DB8CEA6B78A5D30D3E4283A414ABEEDE1B1C670563E8BF7C62BC36A622AF2A6DCB05125010378E4DFE94985DF89DAB2DD72502B53285E548223D041E4B55B5B7D109A5BF3204CD5C782AF66AB815A2E8216D4AB16EAAADE09BE0BD847F1B620B20665DE286CB248FFC072105EBB614EE89F47D132D721B72FFF58A848420D5D4A78593CA683B0319A5A22E289E62957F04206566FB0A84B2B31B76B687C",
                                        "ephemeralPrivateIut": "0EB4D2A40A2E49E5AAFC792BEE2183368CEF504DA813305B55318ACA",
                                        "ephemeralPublicIut": "10B29FA275824C2305BD414494330ADC8FA284E27D75840979573C210A1975685A842BC19EEEE0F462A6A6F6581A0B4E38BC18D86DC3BB55E3EC2DF3731F6E321EE288823FA805D78745D6C2978DDC4434B9F1648FF1724B7DF11976EDE9B817B0F944FF0E2D659402C71EE725FA637B23258E8311DF15031FA6974B93DA823F253EC367FAF297C3EDEA2FE00DC5BB52EEB7E2CAB4BD41857441D62B020D3539B3EAB3C5798AEFC11AB12AE11A83E19C339F9F1145E36BBC8983ABC60253DBAA20D074485F0059FE0EECA9535F2CE34D08A8DA004501F5C2B87DA8EEF136FBE6E118FAA572149A3600B18352C643EDFFE225023B8DBD2E979A202F1E2B97699F",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE1234A490B28BFA803CE2ED934F0AE8DCCA",
                                        "nonceAesCcm": "B682D26D3E3857A8",



Fussell & Hammett         Expires March 5, 2019                [Page 47]

Internet-Draft                Sym Alg JSON                September 2018


                                        "tagIut": "25CAEE5040F7AA018D82C5066AD7881F"
                                }]
                        },
                        {
                                "tgId": 19,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "provider",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1641,
                                        "staticPublicServer": "2575B8BCD7682B01F664BE1764265F69C33EE0680507AF5C4DA9C4A6B2D3D334674BD0B2D41935A99AE748FCB7C0A4B8E0DAD0D91F13CC66E2AB66B7EB6F94EBBEE7215201AA2240B4A4DE46C42436FDCF4D88AA46F768F836C3CDAC52DC81D32A44ED4BEA4A6596E1455BDD7C2D71279D87FC59FDF408BE7950E63B1CEB1072431C987A02FCFF6AD116D2B96453CDDC5255240E1CB0C727FEFD65D8D4812689D34F77D19B1B369A0FEB78125CFE559D2A084999BCC90CD5289BD173803B752CAC891E099AF3DC064C7FCF305E4C880A20EA4E8A95DE059FB762FDE5E5B01272BD3858047B9B3CA8B747489430B7B0538B2C0F7F93BDB6ED55F90CD4B08B4908",
                                        "ephemeralPublicServer": "B3F76590E308FEB6F4C7B0C0AE68EB250A400F94C06AC56DB020D6745B7F6385D3206C36C75016EBE3751A2446B22FB0D7BFA9C77D43E9D8643F176902E1E955F96B76DC98A49A751C10C369CCCB871C220D93474DF87E5C26EBCDB8D4576293937548BEAFE19ACD588947E0F74430C071B1D041BA4BCF7093529C3F8EA3086D389F56AB08351C295E9634D30A15D06E8EF88DAB32D6AEF11B4AE8DBFF86617F0A01689052C4980D756E3E06701BD6CD41EE8AE7471F9FDD8117EE0F6EC6B6C54BA8814E5336C9BA69A1845A28A1A7EE100E7F8208E0C1AA4F370340EB81D3A97BE15E9E91EA552C3FDC69E23CEB02BF87AFC50F0CDE6A4697C72C8385E86A22",
                                        "staticPrivateIut": "278FB569309A162DDA6E41F24BCBB2D514AC393C80F3E0CB32843FE7",
                                        "staticPublicIut": "2EC4CBC9E993CDD608D904198F9B7F487F6FEE261B37BDDF45FD17CBAD4CF9D4057F042D3FE33ADEE9F8C4022258A4918FB466EE3B61DF209DEF7272D3896E02C9965818A45F96FFE46FE71FB9E32CE09EA2109112EF506F9185494D26461EBCA4C9224CCA224FC90DEE9CC25CC6EDD6444DB35B484C807F7593D91ABEF0CB5EF1C11D4319921620909D9EE4B0E0543AD3DFFD1764B541C461EDB000B71F02860F30F1591E626541B2DD172A2C6F858AEFFBE927F68190D9740F06B5F075B6F270C9F0C14461B57CDBC3D4DB4B219A9AAAF0B945DC6B95BF69F0FA173445B72BB477EE1028E9CD93E32DAC17C01698D061430616E8B3A3D665CF10EC1AFE879A",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE1234B54B0845CB77AA816846F2E365EDBD",
                                        "nonceAesCcm": "90DC219FF2AAA9FA",
                                        "tagIut": "266167B5B251C379479EF80F282B637C"
                                }]
                        },
                        {
                                "tgId": 20,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,



Fussell & Hammett         Expires March 5, 2019                [Page 48]

Internet-Draft                Sym Alg JSON                September 2018


                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "provider",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1791,
                                        "staticPublicServer": "689ADE017EB260D8DBE1A160557FCF260729CE5FCB3094520C62EC49F94CCA74CDE6CA19053D6C0FA6A98750D8DB69BA2B078551C89EA9396B3A45F8B2CA5184114D1B78F81F685D4009BAF82869271281F1FCFF6F2ED91584838F8B7F5339D8AB69C282A25A18FC34CDFD6DB75260A458572ABE3FDE2585FCE6C8FF00F6935D2269DF5127D95E3B3F2AB4B3EB5CB799149630E3763CEF34688E6D4A1FC5B35942A6A7BD1CD26E9E437D334BA518232B4619992FC33FD3B93054B8A517ED513E59690AE1C171187959F3F40530B020DA634FFD547DFFE987017FB77A70521C14BDEB2E246E68729271078872E1A71FD35332181B23A4F082013E27023FEA7FDC",
                                        "ephemeralPublicServer": "387A751726FC8EACD5804E11DD249C72D56E460A4D1C5D6FBD22B9BC0BCF034C10B2E1896539F547F0D997C85F1BF7F80BF1F78D0D883D4D279BD5BA85576FEFB90893E0CC4F91BB099F42E23C28B8E97C3180BBD9D1982BB9DE509ED59E3317EA25603D8F8E6B122726B527F877FF2AA1D958A8C868AA07F37364FFCC8E02831130DB1749FA78D15668CDD362AF47A2C9A73536E818ABF2AD0B1E60E61E706F98B4B49A2B7404BB9B921BD39114907A3F674115BB69550DB593FF6B8F814096C01CE56F5CC4700F9637C1ABA75B13EAA42D35F0986F2F34ECDF86A23C0A3A62547BFAFAEDBB386230C37B76771D487CE532DDC8D10E92AF4DF5AD2317676B3C",
                                        "staticPrivateIut": "01964A4D06931493AB48CE3AAEC7B6F9214EF8E68FAD285F67F9C6C8",
                                        "staticPublicIut": "B45CD5C273435636EC9AE3FE94295BC2D8B483CEB41E4B933CCE4A90972F4F862819F8EFF2FD638C83A084C8DADBD2603A4058604EDC9916B6F81AE37FAA46EAFA68C4C71FEA0ED55C7A38229B52C0EC19117F86F8DB84D22B69B5FAD60F1D067A76ED4D294D3C4C548B04BC93A5F3A94B72DF75792B1BB67B2AF4ABA4A44260C753C806C703741C6A0F039BA58EB1100197C4EEBDF09C92801B36889E604373D82FDE50789C34BD61E1983E6AFA8C04D43835B528A863130B9286D9B3BE91349F4A300A0A0A5E1A939970B1BEBCCD42B0D84DDB35E955F8FA7E0800CCBCD8137B0943613D78E67ECA3535E5F0A54432043AD8AE8B7BF746308788C429D2E502",
                                        "nonceEphemeralIut": "799A4D6D4FA5C842F03E7CE9845FEAE7A1E8A9C55A49664407C3014610CBDACCBA64BE824B6CE280AC88AF7DBC4ADBDABB951D77BD01C6381C98D9312575CA9FBC38336039A57CBE6067C7208183DDE0F426BBDB6A9604EEC5F828C72A42E774A93001992BD0017770880EC2F08B30456004740DE974CFBDD15F313A1CED466E29B7ACB2C83DE46934A54F3A53D54DF63345B570B1112B56E3C9D61039351CC0C361983D82648A1575251F15CAB386A86F6A7039AE09D0C1F52F165253598E53BA19EDDA7EBD61A37E637A82D32185F91C296AC889D6D9B03C16FBE3080979EFA7F2364FADA3D1D933F91088BA0DD7F0121F5BCC493645F0699A7D4F96949D8F",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE1234F90CE7E9F0B4A48D1986BCCA62B35D",
                                        "nonceAesCcm": "925048AAB27B4358",
                                        "tagIut": "E8CA0A03AAA7DC5C8A4F2ECB7E9DDB64"
                                }]
                        },
                        {
                                "tgId": 21,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "recipient",
                                "kcType": "unilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 1941,
                                        "staticPublicServer": "D91479786D5E975DBF77B6B2425AB0AC68C593E291DF9CB8B56A52A8BA4469E583ACEFB62430E24633A573B214CF6CC4FBD71DDD97F65D9B894412845DB60A385C17EDDC7E6BDDE41AF8F36EDB1FB229DC0060B8651EFAF743B5972824CA8FC23F0F09BAD935158CBFA563E70FEE3DBBA79B6280449E0E61253E56E37BF917F7AB50D6A0015BB2BE9313409202151FC630FBCE8E54C54B1F3995852DE6D49AEDDC8557B078C643EC05CEF68B912D184602743DA8A32B93911DE89E3B374D69A14615178CA9117EB6005A21BD56078926A57904A181A92F4412CA0895D93C55699C0187638E60342A7FFC4AE9F6448BF2466B0E6F2B4B68726387500856FA6DDA",
                                        "ephemeralPublicServer": "03019E8B2EF4688CD771C9A1B032E09541DBCFB4AC9EDA3B9C965D175DD45E4F3642CB31694EAD9331FA0597BA8351EBD311711DAED038D32719BEBA16283923ECA02559626EE4DFEA6918D6F300E8A811138CD05DFF6DBAB5C030F0DC963184AA191484116F989853938BF5AFF9A135539D8A4D0A0D5DF8AC19ABBA4D95C0462262DA349A50915EBA8E3B202E9F4F3C926FEB0F4B0AB647CC2915A4498DAD6DC3F3EA9063D2FBFCAB35FC2BC4314B8F4AC071E275F1C78CB0F13DB922FF86F5DFE829173D9F5983865615DC0B093054E0A8A23418A8480A894AEE5AB2F11AE7B7CA2017CBF242ED8C2FBE0DE9CE352F817FA328A4DF56FA9877C50B028B763A",
                                        "staticPrivateIut": "D97952EE78B1C2431AC50868E756AC14C6B29D18883515D1665D023A",



Fussell & Hammett         Expires March 5, 2019                [Page 49]

Internet-Draft                Sym Alg JSON                September 2018


                                        "staticPublicIut": "D0E1766A6B479411B50AD54961E042FEF80429DFA17D863381D4853EF080700D2B4DC262040EC4592DDBA5A975DDA3022DC4DC5BF4B6C270D681253A3F1C00AD4F2CAC8EBEAC915361BDB4D757917223E0801C8E35221DB6A361C84FD961914134E2F8402176FA044E794658AE74979C6D322E7BDC14AD750887048633573D40FC308A21B09B38F14A86A57984DDB7D56DD6C9514298E2E60C84C225979418AF5574AB9817AD063CE2A81F92FF80B902F8ACA3FCB28802BF6476FFB4BA2E37B65D0B15DF5DBC548B41ED1E44743AAD250648AF37FB4EFB6A064055936C3B0B99DCC1E5C8975C006DFF7CDCF1CBD444E67B098B1B7FC032105CCF1F5516883A89",
                                        "nonceEphemeralIut": "E5D188DAD2A9E863287AEBA62D059921BC13DFE9451344FD767E5C5DA5E78957AB24E0F7E67580C98179D7DF604559B3C86CF0FE37A258C5C96F4F527269DD005A4BEB86B9628DAC12168B9DD80D6CC6D1CEC783E8E4A397AB9A59742293DF0D17B0EDCC0B2A8290F0D8E2DA39036022E472E55277F4B14718F7B13CF27D85F5F1C5A038305038B6213E78992BBB8F5DD74BF2A788D1D3B7E91D1D44E1A4CE68720E96C961376ED6196E234AAC9A64363C93E0C0E6F704878E01709E2752254488243490F2CBF0B80CD89E8D5861B959BC459606E8578CA69F889451EF7AAFB7FB7BAC66F4217BD39AC918739DA31023535F19D60A20C0358B28B16D9E8A8124",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE123498CB185732655116484B422B2B9B6E",
                                        "nonceAesCcm": "507A464107DB9D05",
                                        "tagIut": "7906E07684F1B1DFC75CD8EA6BC36EFF"
                                }]
                        },
                        {
                                "tgId": 22,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "kdfKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-224",
                                "macType": "AES-CCM",
                                "keyLen": 256,
                                "aesCcmNonceLen": 64,
                                "macLen": 128,
                                "kdfType": "asn1",
                                "idServerLen": 48,
                                "idServer": "434156536964",
                                "idIutLen": 0,
                                "kcRole": "recipient",
                                "kcType": "bilateral",
                                "p": "DAEA7C71588BFCA3B8ED40E103CE87E49701D228822CF4CD3A5A5FBA7F07895EEA4928234724E50521054CCD84DCB24D65DA6F940D132AD08261FAE24605870C7EF2D4B68E2F55C3AF40F296EBC5782C163BB93B8D37C8CB22E6F128012D1EC0E0E3B43167CFE7050A396A1C96CDFA3BDC3116C3DE1A0970F6F390FACD10B7999C47A833ECBA92ADDDF401A30BC13B34C4040D025E530B06986A2FB7E308C4B5BF25A905DA6504C58313D2BE55BC2AA79F92D312EEFCE1C78518635B7FC6195DFCC30DB761B25C60752CB544B666B7A1BB6DB7B7AEB92037D9E7EEE6D925D0C5BC8A9CAEFC28924CC2E82A4052812E508B5EAD44991298F4EE2AA18C15602217",
                                "q": "F3C65FD74CBA905970D1E32925D7FD88E2412AA88C1614E579890A75",
                                "g": "61376016993BBA8A477E30C8A78C5846F02A6A8D7A80664C26FA815CFA7243A528400F86013960B1E78D9EE976AC5E63BFA71304ED85D82D589A2D07EAFA35485922B9D02B0B8B4F1A0C61F86AAE0EB0C34ED89CCEBF07DAFCEFE9CAC55711B3C66A8DBF4198CB9B431E05680AC23795DF7003F8069716F05991346AF46E7870FB944DC2BA01FD539F833F7B3ED80BE6A8C3923534666C46A49914D6CF15055F7A7027034F2F54FAED83EBFF3D445044326CB97CEE3237DF1CDEF814991F66318DC2316782E851E9BAF78BC969AF376110E514E58A9BB0464C946A62F4EAC030A17C01F5C1488E4A7EDC3F11D6A224D2A7C06EED2596819178F6A2564F048F81",
                                "tests": [{
                                        "tcId": 2091,
                                        "staticPublicServer": "96A947FFF446538F7315DA2C0DCD341FC459A63D4FB8D253CA4120C3B8406B60F4BE0BED9EFA038C27314CECB178D0E8726E4812385FA02341DF56921C089A7E3B36A938AAFC42533DA7F09946ADFD7F02410C392CA477931EF8537C3737919A65F4E39B6C36215031DE534B8C7153AA2D27CB65E7E8490FAB990D06B874FDC2888A0D918333AC96CE9C7F096AE2646DEA0E7A4FA03C099C9AE7721370A5CE5668272116BF5FAC7BA478EACFECFF59B8594D82944D1C62493CA3CCB6878E262B7B644BC8E8861EAF35DC0DAD85CD19126C315828FD56DE913140382C73081B4591B94D7DF59599D2871C6DABCDDC07B779D5FD6CCF776AB4C42B914BEFF51413",
                                        "ephemeralPublicServer": "15A5F4C5B439293DD59E031531346DA8C776046F9E4F058B6A4B9E927E1F1B50CA62B2FA46E68C4488BECF8330467B60FCDC555D378A6BADE3855B7B8727DC33E24CCECC1EA323DF9D7B3577BDB21A1C6317550C4103102E2F545A7CA619D0A1086186E4F56693E67B0B5B8544C482CC0C6707F8D0DCCE3927A82873F54B512BC5744193C8F60707738C6EC55F50660D7599D6DB6A875F1B726D189E2D27FB9D3059B587576DE01E9ED33A9E1E5D6FF47001A1D55F57DF3FA53685782EC937ECE003E355A822D9F3B03F72BDD4E288E30ED0626435A2179E962C53D71E9C1223076D5B3CCACA802328A4E85368F3C846B8C395BB6D633DA35F106DBB6EC31024",
                                        "staticPrivateIut": "A905C2AD3791CA57115E0175EBB1846F657B7725990CA575EB648CFC",
                                        "staticPublicIut": "3C98E5319B90663E31B4C0E3163DAA6F0F0792A1610908D35DEDD785890B1962EC89BE8C83EF60DF50435CD63A5F9C379CEFA586AE88321230B8789CB12194256EB61FCB8E511A1BEE1B24ED84B05016AF1FEC6CF0721806B4470C1615CAA572452A0FE28757511F40E6EE660F53A9B117B690C4578FB0500D4D81B68DBD76E2750AE3A0C11E8361B031454A39DF2D7E850CD04174BEABE2D8C6CD7A03D27CD2490085B957A06D7C570DB466011F0FFFF3D87E01610B70BBF3E854F9D755EB8D03A90954D9F52D60CEE1F7BEA2114323C42F951E527EC1000D3F11B455FB9E0A0235EEA1E64D20E6B8F120CD018476FC69065A2A5E8099967130589727CFC96E",
                                        "nonceEphemeralIut": "40B82C42063C4D4002C655FB65F36A38BD3B4B6713256FFE5DAFB1BC2D452E26858194F9B27B9FE1E1FC8D892C8DF2B7D8BEB5832E059BD5B2DFBDA61D2F3D8F50818958AB42F773BE796DAFFA21DD1A55CFEC6AD47FA80EDA403CA9EF5E5B4EAC88AB09A84887C4298A02D6137515EE89AC04797EE917FC8B31A1320721FEC14F8024101066C75A486A54EC7B333F7B7344CBED1FABCFD198BB7070A3D02F7E767E0A53F18832549A24244DBBB0B7FCA14503369F753F59D4169942BA627F6DB80F9C3230E1C0767A6B625F05A3E732FE2BD2223DE88E13B13A35B2FFADBFFC8429F1A2E2B5277467401E2E88F09409C898F07A5E0396AAB27EE8575528B799",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE12346069DA63735D4E63DD752238101F06",
                                        "nonceAesCcm": "055D20623BA47053",
                                        "tagIut": "DBB039CE12C4D4D6E1C89B84028FD875"
                                }]
                        }
                ]
        }
]






Fussell & Hammett         Expires March 5, 2019                [Page 50]

Internet-Draft                Sym Alg JSON                September 2018


5.4.  Example Test Vectors Component JSON Object

   The following is a example JSON object for KAS FFC test vectors sent
   from the ACVP server to the crypto module.


[{
                "acvVersion": <acvp-version>
        },
        {
                "vsId": 1564,
                "algorithm": "KAS-FFC",
                "mode": "Component",
                "testGroups": [{
                                "tgId": 1,
                                "scheme": "dhEphem",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "noKdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "p": "a3a77cce3b0ea9891fe6ac34b2bdd04e22f9fd5a4976b5e2bd4c9ec43831c4d293779f3c4f826e6c2a8d6bd1ffca323b2360fcaa8bddc8c5268941578eede1f9447a39aaaa9af45bae4596b6df2a7048ce65bdd421ba055c640458abd4fdd07564df3a39ad6375a38dca884e5b67550bd60d789f5167935add6ae77af506e69d48eab2ebc1f17ff671c6d03d2f4f0e53e0ff1bdb488feca5d2b569f510242dd8bd64502c67ee8fe36224860a8b2934e864f75eff5fed4ecea69a1b2e6893df75ae19b266f4a55ccca2307038056aebfd212a4d5b540273d232c38d5cc6595216c3050cf4562989be8b341bd58c183e5e411939b4b34ad5752e87ffe622bd2075",
                                "q": "f094f4fa8fa36fdcdf4f0378112bfde03cfa532e666b9736b5ab76e9",
                                "g": "45308211a07f231181276b44b873eb67726ca6aa5ecd39b4274f780409e15bfc98ac4680be5220a23b963e3b494602a80ce6cb6eb3f056e2a911ff7529f07fc53fa8840174698aac6a9dd540e86171cf2896a7337c0a839bfd9f24779c83f75b376da3c3c4d25d6b454e09dadbe230ee42115ae7ea79ace00b3c73bfd0c9913b0251177de4aae0ed54c041ff071346b2603360e5175faa9bbbc8fc50c5c657bba28da146674fa8a4f936da9d86511959785cd8e34c4b1f390b2cc68f574fd85e96e894d1b225ad43b3489af729c560b513a671e7fde2bd138fbd20605c74347e76ac50e230c57fec6dda275df29f770d47b91631e135778a51f3032bb1ef292f",
                                "tests": [{
                                        "tcId": 3000,
                                        "ephemeralPublicServer": "2cc5dcb3cae0bd0052838991e371fca0bb827598c1ffa554f2699ccc29b5bb085bf77634ab3fec24fb81ab1e435c17229bb6872eb4fcf30acee2a3fe9891363f51112f94d2a48ae506bd4dba9e8db6ad59713d4b8a5afbdb717a27483680998bea79baa30e42294005bfacb3e67d113549fa48d058cff1dce03ea2d89be3b61358618c540db7b11b06d4d0e545d5a5ad8d93246946f5d9a9710ebd40a48a2c70e7b93928497fa02d08cb1c591dc3c204e88e933ac2e8c68b85e3757af1b44448d60ec63fc1323f3be369662b2937a419648dc9f3b4b19496e8a4feebaed8e0ccb02d56000e5b1832b2132384efab47950e40eb8482f2d7bd344e019e9c573384"
                                }]
                        },

                        {
                                "tgId": 2,
                                "scheme": "dhEphem",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "noKdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "p": "b0b4760d008b63403f2ce5ae597d0adfa56a11da5c29301b25565282c0fda5fc634d51fd738807800b506e4728c597c0fd9546830b97b3f5782a79af630f3ddc952c08afde776c78179c566f8ce104f886c42475d8bee4016a06e001e1a4272671041d25344eb0f29e4fe3b1325c07ce9a3db0a211d928d62ffcac3afe05fbf83a18b29f85ebe3fc8a6df2c34b7cd50e3c9d6c5cfd56accceb9a9625acc56a2ffc71d476300bf2fde78f1131bb9ac40d2de7fd61cbeb3d240733781ecab43be1d787f50eb3717892155624bff7136d80d847c9df3af4d303304b79eb9672c5cd87ef3872c394064e33155b581df01617bc35325b66e6e9e170475df3fd66265f",
                                "q": "947d217b8f4d658f0f9c6d427d28dcc2bb18b186f0754aac47c9cae5",
                                "g": "a7ae223bb4f3360505170ce0524015523d212b1746a24ecf78eca58e572227b92cfea96c6769b57ddd74e0dc7a2a3ad76f3fe29782727e253b82bba5e88a6bed315ed4163cd1549bdba262b004c0cce197be822b7f4d4cc1ed74aa7714d19aa29c5002fe8c9ae1020f643e92353e1d48f04047455671eb955738590fae4de0f35cf6880715104ee0604e26e1134922a59169da3f31acbb4e44e50667707e2a9b2e5a40b1292a0382f03cae98d67a609a2d71d55e3efeab7247fd8b4cbd770120a3bbf0813ea9c11232178b530e69281634d4710f5a09255d78568d977fd1c7f4bf2d873509c14b31b8796f22d2c3684204d29303a395d0d262ae541186a9c481",
                                "tests": [{
                                        "tcId": 6000,
                                        "ephemeralPublicServer": "4fc5ed02abf0791bb01ad33527bd16ee58f875bbc85de5b513ccce95d05d6c735e726a102f11a69152f1c430b027ef3f2049e07db96f448d9b016ebd9258cd33175c06c00d107c99ccfebc8e77b19c61ed7c9e1d8a3e912a893b30ec9ab1d59d2bd5133c9669090c7bcc48318a21cabffbe56477e9fda36aba9c5e4462854fa682f503de3e895579b0c51a2f2a6b1fc59bee015e8bd89041a2efafbe8ea491215a88302f6a4858ea3c0d846e52f6ea070b61dda82009bdf0ed13a077ea1777233e059fed4c45249c5bbba1fbaa6f574058ec58d56e6b3a486e0aa306ef2d63d70617f6b384fe238e82832dfeff6317aa887aab894efc9b60e6f5127581fe735c",
                                        "hashZIut": "6a8a50b45c32dc4e0eca0447822024e843dbbad378392ca4d2da83ad40500fe2dd06f5fab677725e5706dd203d28a47c57cd85dfd431636f515c230ab376c6e0"
                                }]
                        },
                        {



Fussell & Hammett         Expires March 5, 2019                [Page 51]

Internet-Draft                Sym Alg JSON                September 2018


                                "tgId": 3,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "initiator",
                                "kasMode": "noKdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 281,
                                        "staticPublicServer": "58573EBC7A52B7FC467A512EA4D40E5262F4E66C48742B5433A2AB0D040796F6E718865B22149BCBB25E17F1C430CE1C47FAAEF736112635DEA36997EF17D492FD7E6060EC2F6F0A1C24886061D5C54C32EB40876087CB91C065A04E90260ECC43D4A74EFD79CF21AAFC9343A659DB3EB45C72C38FC090C83CC4C94B308AB5278A1C37B715BB0DAEB91E4CF0CCA6D498B7C5131FEA7719E8D080F5F7F9FFCC541F958A629685730CFC077A1268DBB16CA26872049B1F669366A408A315881ABFCFFC92DE73BA4FF9304C2C20539B249AE10AF026388D19ACC2419604C92AEBC56E53A95B869E79D56AEFE9098112930E8A5189AC19611F56E788D2E43A54AEAA"
                                }]
                        },
                        {
                                "tgId": 4,
                                "scheme": "mqv1",
                                "testType": "AFT",
                                "kasRole": "responder",
                                "kasMode": "noKdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 301,
                                        "staticPublicServer": "6C679621CD67F982CAC083BF7ED8938C80BB336A7CE5F752274E006EBA7F9F4F91F87414FEF3040711F6D0DCBFC145226455D0CFACBA57D418C8D2F6234FFC10D667B94261349220F67B59385597EEF575DF1D461722C59C99CA624795F46DFFDA9850EFBB49194941166175BE2F7871B43794BC7BC8C0F759191443C938BD4E77A0B32733AB08B8D32D7BBE5844801DBE5969C18A13E8A0A3F8497686B0FEB0AD4129A29F07854630CEF65DFC99CCCE833E610FC50FD0CEEDB94F5699A4B37A1DF3F2C138A63B81FA65E496911B331805EF47E126CAACC81F4EC66243E270A83DDD50BCC169D90539A5AEBE874902A716AF3A2B26DFDB1B75F38B871ED2FC99",
                                        "ephemeralPublicServer": "14A0B1C99306E9D152D33C9D0C36855B45A320EDB4C2EF93A3460403D42AF220BF3F835CB57503AE3D959793ECFDC8432B7EA275A9D242B420C25B1849CB0C96D37F4734BAFC70308E45A991BC94207031158192F6F6AC4114E0412AD9FFF74A2540EAE0FD97FEDD45C689496385DF232E62333550FEC950D7704C18E06CED7C1996199C6BA4A35ECF0A4C1FFA8A90BE0844400025C31BA4CA225D588E2CE81E2E70FDDD3160A01B347286C1F669EE849131EFECB3DF2CAAF34D148396C57ECA6D0B49429647A7013C39C718E4762CAC9366CF7176DDAB0E8824BAFD03CAA6D5D9BF9EA0DCE16838BED3B5F560883CDBB1CA68A369AD5549C8CCC1E8D7554FBC"
                                }]
                        },
                        {
                                "tgId": 5,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "initiator",
                                "kasMode": "noKdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 321,
                                        "staticPublicServer": "B853A15F818A3748CA8E160E2A12E3CF2D517E5002C29497A072164861F4A069C3D867999EEBF560633686B767C398CC5190B5A147A90CF0ED856AB3629AEB9D83D1EED230F95AA86598A3B05A8C84374E47B29B2D9DCDC33680835BC45A735958E636D48B950B9D3B6F8B4D4F56DF20C96F10486D0D59A846020B5E8BDC09279477E807AD1DD90B4BEB084EA09798A8098732E9BC3D1383BD40459158CC9DA0A1DC45E9106B521E3B1D48367DDD5FE30474DF3B25E00B23891F49BCDB048F7195CF1D796DD6331435CAD6E8A411501462194D4AD39573728336237EF17470B57F01D4A663DE6DACBE98E2AE3FF8E390665CD7B2072E100A5B03F4ABECD0BE99",
                                        "staticPrivateIut": "03271FB1CB05B4C2A45A067CABB560B3BAF9550DA0E26299E0567874",
                                        "staticPublicIut": "AD62D4942746A618B69078E411766A62C1355C5015ABB970326B01B080A1DCD5D6A006EACF9B72F2746BD0537C0CFDF39EC8E195E4FEC72434AF5E3C06B5E53B3F2A9381A0E752674F9BEC5F336A13BB17DEEC3433DAB87404FEDA24BF778DBCDA111E099B41782A7203733ACCBD754D321B7A53C06ECEEE5C126640E53725CD730ADA5528D93D109F22F648253A3ED4B39900268D1B5D06C9DBC4E25F4034F37366B941109A0AEEF98E3C7394EE479CCB9C361EB1A7BBB056BDDDD0B1941F8D3AD642B7F1E3545610BBFA017947C8B907624DDEE9C5BE8A4D6D92E23B1FD7956E98491C84B9D9A8194BC74056799958E95E60CB1923749034A3282F6ABB2C06",



Fussell & Hammett         Expires March 5, 2019                [Page 52]

Internet-Draft                Sym Alg JSON                September 2018


                                        "ephemeralPrivateIut": "1DB3456FFA3A40B37D2EFD7B51084340E101280A48DC412BA4C6FC89",
                                        "ephemeralPublicIut": "4A712F5AA0F4E72BD12E07F708EF937468615D865051847C9BA19751A4CA92F3071F42D2646C55EA773530F499E636437D62B0D59492C89BD862210A695433A907B84E76ABFDD09C9B33A61DA3A5621FBD062226F4CDF17F332F797144FFDCB002940BBB709C608279580B6C1196F45BDAA2F4025C2FD09964F13202CB5B37605B59A0FC03C65EEE9B57B2D73436A4D73347C8FE37028308A19AD9309ABE660424EB2949ECA25F1D70E618A5EDD5745E6965227A203B5923266E203A0E30E5199E8CD991C78D5FB4DAC9AF8862A61B300D08E8C80F486CB1E3695E3FBFAF7B5B3A90E74F96856447E158591D012E6EE770E68F91F92E0F56850AD291C8847E49",
                                        "hashZIut": "408FB2DA722F83A8BEF6E4B11B61D6EE3F68F5063AF0F6FF767F9AEDC19454346220F8342D24B4FC1F3A950FFE7DB921586539C2E2BC6BAA75882B3411A348E0"
                                }]
                        },
                        {
                                "tgId": 6,
                                "scheme": "mqv1",
                                "testType": "VAL",
                                "kasRole": "responder",
                                "kasMode": "noKdfNoKc",
                                "parmSet": "fb",
                                "hashAlg": "SHA2-512",
                                "p": "E4E85DB7DF0C5AA669C26DFA7A8920C0580975FA36F761347C081F9631C120C1EFA7E1165859B1564F7EFA2E8825E7CEE0110721DD985CD6AE920FF16459A23D3DF0F7027B0F240364BB81AD3720465AB54663D0E2D87EDA05E1973FE4AB1E8A0E7036C016CA11190B9642C3CE45376C6CEA8160B2F7BE3EE84CC0BCFEA157986A7DAF58208EE0F4819848A2E2DEC3E498CA4445AFD8CCD780E5560A5254D9985E926B384109B75F0143E4AF0464DCF3410B781E8D4C54814B92BA3EBD0B072C19918B4CF3C75C32280AE86EBF8A14D9D215ED4478F9945EE7CF2A8FFEE58CA00519A64971A00CD57D654DC25763A41224441A4E9E9FC6C1DF571C0C0231D4B5",
                                "q": "A1B3E7100F528EE0824F2A5A6F3B022F1ADFBFF02307F5FCC0224F5D",
                                "g": "1AB425960434544374CA03EDAF1AEA9ADC3EACF233D2FDE6A594A58C1BB93F08C8D01B7CE7160FD439A2E6426EBD1E8F63C2B96C679315A7AE8A255B4E531F8379CBFE561A77BB695BE31BF6CF632B1442F93272475FDDE6E74BA02DD8A6F23C18748E13DAA99CE57A952293D490E9330CE4B4992A0EDB60EA88F494F3A424091CF4F62AC8AE0493DDF5F57BD1C14E93B28E536DB874DD89E69310CC70A400727A017BF53C6F5CC54ABFB83ED07C15ACEB055060F62B23F2881CE771B0165338A23487C9BB03388262F97B4CBEA9188B7F6336C59091FA32CC4B885D495518873089401605ECCE5D380E903F0F916A968DCCE0C56074CF3BB1CCE5EFDCD850EB",
                                "tests": [{
                                        "tcId": 371,
                                        "staticPublicServer": "99EA49651F5B300334549841A1076A0DDE62CBF8645393CD755AB265FC68D6A1DF82518E950013E4B0BB7A8BBFC72C7D5C516DB4300A556578EA579505C3A2A89E0EE304C10329E99CB799E49AB8CFEE03E3BC91319058B34FB1E28C0688CDFAB629641BF6BA22032B299EF1C8733D24343E823A7ACD4FF0DC37BBD01C4BC906F5111C0DCE20FCA179EC660F852AC506F5D310FE9C04B4B1B374B502C6777985551CEE0987352AD973C269BD8E994B490557F6D9CA2D11B3BCC8E36873E429A0DC8B410A50BE292F0FF5923D8060D44F6944DFC966AB531D489009C319C82AC210F5FF1C1C7D48B985FAF7D5DD2826AA05D7D58980EE7F0DE6E152B659228C94",
                                        "ephemeralPublicServer": "922B5A91261A6B3891877BF72A82E8A0E2B2236F55A6FA46684488F5BE906D2EC61AC21799E69511E445786D0E2B45BFD3BA6EF4000214DEF828A7EA91968ACA8CF708E8E6706DA701F87461BA216B5DB5D1301919E56D64A37E5CC2D2E68C654AEB33D66CC9EAFDD0EEAB91D978AF503FC246540D5C92B31973EE87F3444B0A6A96E6648AAA46EECCBE55E81180DE8C1934135D338B5BBD05FF7DBB0607D9562DA258398371D9E7E31E496650A3C97B53A68A87C3FC1CF40E4008AE3E1E4AE5BAC482EB161DA9CFC7D9264A2C8EC40CA3C6DB0BAE226F3914ADBFE907585DE265E16192910A2E3458CCF0AC6EAA36B69A755BBC792199EB6E0B1F0AF6EEFD67",
                                        "staticPrivateIut": "49E0A35472359ACD8A57678D6C2C8BA39CA51773686844FEA93231A8",
                                        "staticPublicIut": "2E07FCECF6689EF17EF2186194A7A065ACBEB75118397F48934647A42F3A95EF92695844E6091F8DCEE3D51C7F2662BC17E1881635959FE5BF6C159A7EA797FF67FA47B20E11340B2C690BA4B021536F0CC3C8A58EDA5AF450DEF2ADBE7D16DECF1E8A4413D09B43EB8D3D83B0DA9B78C74FB3567A15806C8F0D004153331FE881C72B0B47DB62BACB960352F6B262EA50239B5D7F54B93569297499D36C0EE1603A899F2DA5111ECA3E1A6F372B4E20E92629E2915579073299B63E9AF019CFA557C5350B4D526FB0B21CC9CCA5223A96839D6B848E91FEE6E2C47DA2A73AFDA3FE05C918F9A21E4F5CEB12D1947120237AA77859EECBDCFA1E3F8D9D6C9F9B",
                                        "hashZIut": "3AFFD88F2D1240C0AACBE43BE34178B69CC65E0215DCF9B126977769C5850F3E04551FC4CE47EC9ED219EA80631013FB79FE19C394DBB4F040824CFD540AC9D1"
                                }]
                        }
                ]
        }
]


6.  Test Vector Responses

   After the ACVP client downloads and processes a vector set, it SHALL
   send the response vectors back to the ACVP server.  The following
   table describes the JSON object that represents a vector set
   response.















Fussell & Hammett         Expires March 5, 2019                [Page 53]

Internet-Draft                Sym Alg JSON                September 2018


   +------------+---------------------------------------------+--------+
   | JSON Value | Description                                 | JSON   |
   |            |                                             | type   |
   +------------+---------------------------------------------+--------+
   | acvVersion | Protocol version identifier                 | value  |
   |            |                                             |        |
   | vsId       | Unique numeric identifier for the vector    | value  |
   |            | set                                         |        |
   |            |                                             |        |
   | testGroups | Array of JSON objects that represent each   | array  |
   |            | test vector group. See Table 18             |        |
   +------------+---------------------------------------------+--------+

                 Table 17: Vector Set Response JSON Object

   The testGroups section is used to organize the ACVP client response
   in a similar manner to how it receives vectors.  Several algorithms
   SHALL require the client to send back group level properties in their
   response.  This structure helps accommodate that.

   +-----------+--------------------------------------------+----------+
   | JSON      | Description                                | JSON     |
   | Value     |                                            | type     |
   +-----------+--------------------------------------------+----------+
   | tgId      | The test group Id                          | value    |
   |           |                                            |          |
   | tests     | The tests associated to the group          | value    |
   |           | specified in tgId                          |          |
   |           |                                            |          |
   +-----------+--------------------------------------------+----------+

              Table 18: Vector Set Group Response JSON Object

6.1.  Example Test Results JSON Object

   The following is a example JSON object for KAS FFC test results sent
   from the crypto module to the ACVP server.


[{
                "acvVersion": <acvp-version>
        },
        {
                "vsId": 1564,
                "testGroups": [{
                                "tgId": 1,
                                "tests": [{
                                        "tcId": 4000,



Fussell & Hammett         Expires March 5, 2019                [Page 54]

Internet-Draft                Sym Alg JSON                September 2018


                                        "nonceAesCcm": "67dc43e8d722e9",
                                        "ephemeralPublicIut": "55b25962987f35576d371abe075741d4b20b04e989d4ea6dcee252b3d90aee720445816127ad49d4d8144e6f5fb4e1d459abbc48bfd419f33489599f4ad56e0f49d9b914d66bd18e159917f390073edeb0a186a25ec07dfa24585555eb0fa73a36551e6f4becf8f18e5154638f9f46539679438d68ba06db780a02416add027b2d36688bf1988d376148d9db6cbe11b6bebe4cadbd0a0a60d73e95d7438d5b8985bd3147f0fa09a638d229a175d0a48cc764d97643b962a202ea0fa283d869e2685b67345cc70771276c584ab6525a803c4649282572637ce378777b1d52cca631d229b052c8f10dbe2f5d408a4a43459b6cdaf4e7f0f6abd12b290b7f253942",
                                        "iutIdLen": 40,
                                        "iutId": "a1b2c3d4e5",
                                        "oiLen": 240,
                                        "oi": "434156536964a1b2c3d4e52009a24c98c92d8a86461fbb212c8193db7a69",
                                        "dkm": "72d5339d984529cf25ecca527c273282",
                                        "tagIut": "fa3ab95a72aac9c0"
                                }]
                        },
                        {
                                "tgId": 2,
                                "tests": [{
                                        "tcId": 5000,
                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 3,
                                "tests": [{
                                        "tcId": 421,
                                        "nonceNoKc": "1ED327DA0EF730995949D0DFAA00ADCA",
                                        "staticPublicIut": "C915231FFD84E47A3584708102B28B4370EB8CB0EFC3E98F36B658D2ABFADD481D19D0B501553E7B095E1B66AAEB4F268CC978F7EF7B5441BF50403BFABD5D901A23A6CAEB01513CFB7512F05DECDA01A8DBE585A28FF1F80B8185823407A3A9EED7BAC623C90AEC613AAD1CE4CA83D6AC8B852DF433A18029DCFA3232FE3B99DAA3E35A1EFF7FD66C590AA0C73F80747A948DC42910AFC84FD14018A8234E1671DF1D0A0B0F85A56D2E48BB268B52E753FAE3D1EBF0B9A0DE9502D4AB37861ED242C590A510CF480DA67616C2A006FEC413C1B15A7A0B0D059B74C83037C49F33DE862DB5FD1A884AF6DA14F4A4F1C06017A04340FE4C3771516DFCCB9C1C07",
                                        "ephemeralPublicIut": "B9A09B0644960023F5E56E1CFCAA3EFC87AE7D5A3674053E8F16C7602BB49B4033774AA4C09F47635D3AB4617CCA60987455B4100476CF7EFD6719205CE03033A4184163320ED1F2542815C0063EB8A2BC0A584F625859B379F057E6C5C7CBDEBC4F51023BDCC8E336F2D2125EC5036EBBC6F4421C2179EDB00FFD94244E6FD4A3BAAC7E031191A93B56705C0467C7FFF99A141228E7346F4C2E8F6882DAB4E963CBCB854B1B026533623318836127D5B255180D56446EB2A89173758AE6B9C3CA4AD4DAEFDA7065EC4A1A87827784F748739445C9B8720D08534835EAE4867EA1A23695A9C5DD5A2C92DA0B032ECA40205FF6A78D8F427749BF48AAF25156D1",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFECAFE3E3188BE5726763063BBC77815C4CC",
                                        "tagIut": "7F7A2CDFAA8B7C18E76D0FF243A7611A"
                                }]
                        },
                        {
                                "tgId": 4,
                                "tests": [{
                                        "tcId": 441,
                                        "nonceNoKc": "DC04E3B3C2E0C0F14CDB425D04B48E58",
                                        "staticPublicIut": "7B08F4AFA4D47B8CD75C7C8A777983153007268B09250648ACB476E7E61A6441FA2E9E2160A14D2CD452BA250C1CB316B9A80EEC591DCE8D7FFBFEB1356CBD5DC0CA6849691340C1C8C658895A252798B53A7FA6378FED62B8727E2AB1E81BB3B2561A19A933E5EBB0152D2B2BBD1E0B98E2DDDCB42B03B721CF02BA1A024EF64EFAA7302B9316607E768AC7B9FA35FE85B9655AB6304D9C608FCB7C706B2C7DF7053C9FD584ED88702F017E18C96834B5D6A5C6B3E800F3FC6F4F8D051369D90D770F282CA4CF3DD5153F244B39A230E2BB8B806F5B4983A6AD7634132748032A350B146058AAC4D71145CB443410B0062646FF36164D57D5CBC2F8872BC68A",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFECAFE6C9DC1203604F366F59FD2CD1D06BB",
                                        "tagIut": "69B9840FF2ECE380843658FF6D84AEBD"
                                }]
                        },
                        {
                                "tgId": 5,
                                "tests": [{
                                        "tcId": 461,



Fussell & Hammett         Expires March 5, 2019                [Page 55]

Internet-Draft                Sym Alg JSON                September 2018


                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 6,
                                "tests": [{
                                        "tcId": 511,
                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 7,
                                "tests": [{
                                        "tcId": 561,
                                        "staticPublicIut": "10AA2F9E9574A42B0F99DBD5F1A56F13AA5B90CD2728F7E5A0EADE798C0CDE62B6FEAA55DB9CFA6BE92EB3EA3A36678741CF0622C78A9149C7554D17D942C120D877AF93972247641CBDDB8D89F73B738BFB9C91A8D24EC328510059C5472265DA51E9B596EFC2567625FFE44AD746E142E1C8B0B15D554303E51768F1B44C9E4972E796F2241F3CB8D8D7DAB990B75FC4B0AD10F2A8A8C471E893DFDC9227CA6CDB0C6FC5A64E95B17DC95A6FF9ADA8C33DB82D9340CFB546A8B53D09710BC285DD83371279FAA728D9008F0CBA6566EABB5EDF29F46333EAE9E34B3D5924999C0E5E7F990DD1F19C774BF8D085ED0D4357873FB3E421CA0A212264D7450C0B",
                                        "ephemeralPublicIut": "815229B735BDC1AED41649920687737A7A913EC74CE050A17678B5550A549F2255B7A79C96B6A10ADE102A5C40C8AA8A6AB34270C17597F575F7F42222C2D394385CC3B21946570650FC5B04A7E307416722D0FB6BB3D5E65323B907DBB28B6CAE5341462BC9AA20EFC309638C18891D4FC949A038267839E60CAD9A551B27C61E4B581D17180CF2F8867D7C7260B5DCB4FFF4D70945ECC5F113D60A58FE4058F139CB26818DB3ADC4BE6367CE398FFFFCC1FE2FF3604BF41626E3C67A7BE4561F5F22C52A1D1640D98DDBE56ABD330CF5249398BDF0E13AC7C02997A7D1CECD079DAC3C1B5CD6646FC409B34647B31D15DFF17F95F451AD063714E343C01A00",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE1234DFD3219FB9293975E00069B19B786B",
                                        "nonceAesCcm": "37CC8408E6C20632",
                                        "tagIut": "DD6BDAABD4395A0DE058F7FE38C74E99"
                                }]
                        },
                        {
                                "tgId": 8,
                                "tests": [{
                                        "tcId": 621,
                                        "staticPublicIut": "79CB5FBE3926516FC6061570EF17B2D8B657FE21E60A15335EDBB7010902167C0A743C894595E1401317E151FF73B27A5D1DE932E04A65F004461C0ADC2B6B5C37C72CDB2953197CF0C3A0480E44EFD757BC4571767009371A83D82A473EAC67CF653C65DDB77A9F4F75F1A363448DDED9F2DFD6CBC82455DAD27E05C7E4D63ED3E6E74D51748B66FD8F1824811B2A425611E8717EACD78122826048A9CED2BA33981CE225E9ACAAD3D5B7191976FAA819EFE44B754B007301EDE1FA8E60B16E7035CC3845D6E1C782A00813E6FBD56D08100A25CC5346629CADF12D613ABB1E24FFB21167E73F6D8296380AD06DD0B05766CDF11A9418E94517B190C161FE16",
                                        "ephemeralPublicIut": "3E96095F6A9BD9869EF46BFF0DCD6FA2C998B1C6274D735DCC1FC06E152D4B2606CFA5F844E9DA240C37DAEAFD03C924D8AF34F24204E3CCED0A664C1D3C21676A21CD70F5FE0B07AB663BE13BE2800A1ACD0C61F6F8A27017A0FAB9A0066A03B5863A19D9F4646D134203C85EDA4A06F9872FBE28D83374ECE498A23195D9434E9DC8C2E6ABFAC6352E0CEE4419DEB8F57EEFC740FEA7A1DB3A17A342FAF69433E32903B314F18FD672C56644A23A7569A0E8878B8DC4BFBE330ACBB4D1ADD2006EB8EE09B56AC04D6CB62CB3027FF8D38A080F23C390E4EAC200D57B58817AF557DBB96D31E46E9FC3A55D4B288F070EFE6D08F16EA665E127284B578E8A46",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE12346485B01764B240882CA93582E428D0",
                                        "nonceAesCcm": "E660DC439C9112B0",
                                        "tagIut": "EE9B29AF0C99A4467473CBB62640887B"
                                }]
                        },
                        {
                                "tgId": 9,
                                "tests": [{
                                        "tcId": 701,
                                        "staticPublicIut": "5C9E65226A043001C097C1783534FD0D83CC6241E90D23BFF3F1DA6398C98351339947D5BF39E46028B665022BA38AA19B4A2BA9AC2BA98AA86B39E9E104A2EF6DB3104F1BB47D25A09435643ED4B9F0671A5C28289DE1238BBE400DE8EE0846880F28B946AB3125F39854A1C758A234A8FBB2CCBB5B81AB52D84FF10545038F3802794551340544596B458B6422B5C1A5140ECE434852155CCF1EA8050E053199991AB20225E34CB49143CA908EB56ABCE518E2B5EF511CBCF79CE9ECE72E1DA9E62DB7C046474355416FC45B9F2043941C15AB17DE723BA0F28FEDE17FCC7C02E7AFCDE1E0E324616996BACC7EB327788644A17B8EF63D2BCA8E87843DF6B0",
                                        "ephemeralPublicIut": "96AC319C263ED125BC72A44A672DAE6AF5106206F06F71FC2B7410EFA611A39F4892F34ADB553B3E00AE6D2E6E92626D78214718C5B086A11C6E30583C6DF170E1994AF4EB3181D8C7237D1105C6D0D5AD0D63FEE6FC7BEE1B2ED5BB7563A76D2658AA8A0BF75311EB4BDC1FCA4AAD8EF2669C7756810B002A5B59B10861010E515BB7F5C3F7F5A1178B10BB264C4458C020C8DDC57218A8744712B1FB9F4E4ED5246474BC4F8F30706867848C1EEC3D426EF61B8728F9015570CC2727047566F1B09146CA68FA08E19604600F914195AC012A97EE70E9A16B467CD3B32A11828A92EC05B104A8A00ADBD249E59BB9F1D261936F0E8E05CD76DE889F8A05F8A3",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE12340D4994262F58263CE2A09FB84E1936",



Fussell & Hammett         Expires March 5, 2019                [Page 56]

Internet-Draft                Sym Alg JSON                September 2018


                                        "tagIut": "C89F779369214060CE5616A76C3C57C3"
                                }]
                        },
                        {
                                "tgId": 10,
                                "tests": [{
                                        "tcId": 741,
                                        "staticPublicIut": "4DAEDC3087655E4A1711063D04773B346D6182701263C83F2488E483D94A34250D3B97575CBB55FE0287ED11B6C5220A7A89E45FCBA01DD979E6948C1BE36BAD13A8895D6B6268B05485A9CFDDB51573ADFFC2DDA7D91337D61301F024C9FB45BE78E3A2A9F66834EB5BDABC31A06A13E0F125A6DAE2FAED3CFEBC6EA8FD1A165E023CEB102FF05DCDCB56590DF312238D81E496738DCE35392D6FEA9C6156AB0E19968C734E265AD231BCB7F32D8494C2EE8F47FDAB9776A95482BC0A0D164CADA29473D5F743C8906B37085A8D05361BE5B46404447BA6F0CD98777BD8F9F7046A783D9F119550DB4F4468BBA5DB7A4357D70F09CFD51AD09C6D961B976D08",
                                        "ephemeralPublicIut": "D814144AA499FA7A5F8CDB6FD643AFBF0719F46F7CA66B5647F5940616E3E448E8C80C394041BD79CEE869A5675244330CDAEBC5E36F90B4BBDEFD8B2AA659D27D9116A315DC47E7417A0F6A8E12A2EAAF029C567289C7394E4107F0B621C2DC87278C8613BDA388883081D9E90E681E1A531AC1B1F3DB6B36D3767D2092B1210023BD35FDFBE146D04ED593AAB0F8EBB6AB1A1275328ADADADB95E972BDBEB9176A0322F170744702CAD55301B1C56047858C40F1E1CC31D8B4E679F8A6287BE755BE545C150AE8CF588BA9EA475EA2E122091A1B6F20C3DE4458E791F0A22DB999738D9EA6E0D5F309A00136B437937DD681951F95F826AB54DBD54866E425",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "A1B2C3D4E5434156536964CAFE12349D4938C5E98D90A0B7C87EAD5BB5A7",
                                        "nonceAesCcm": "2F186CD57426963A",
                                        "tagIut": "FBBA6F4C22B9576E33D50168A57BCA52"
                                }]
                        },
                        {
                                "tgId": 11,
                                "tests": [{
                                        "tcId": 801,
                                        "staticPublicIut": "C365B6B78380B5E84C1F467D30C1B5222BC84881D75C2255163727D4D1BEA003AB91AE226149DB71609F903A484992463B1F7062FC209808894AA08733F80FC328E2287CF58709EC148B50208D140FA7396759B416F4E45B8550E4F6A0C103A99EDE42E1E96C4BB294EF0BED4062F7E6C93A38BB0596C3B4D60D95D0EDB88341C28191D2FF89327F1E15BC8832FF7FEFEE39C6B7BEBE3990FF264644FF7796F87E1F37AF5CE028FBED60DD1C494609ABD5F8D569C5EFB7133D9CD3C21C329AFBDA840C7A50E32F679E7F70C58F487E99B1C00E3B35D90C03811409B88DBBED0A459AAB139D8AC2A643E9BC3FD83F763C1ED0794ABD0F820F0CFD0198CD463A13",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE12344BF1519741142E9F0FB37B10F6C15C",
                                        "nonceAesCcm": "D0D5B47C412EEF48",
                                        "tagIut": "3B8FC751CA4DB7EB379DDBFD7A254727"
                                }]
                        },
                        {
                                "tgId": 12,
                                "tests": [{
                                        "tcId": 861,
                                        "staticPublicIut": "BA4ADE415B3E0A2A88595BE522D77A2963A5B843C0F8E457861A9BDBE8BF4B8769BED1A0D822E988B1089A91DAA498A07A63C10A23525A835159EC02880AD3C26401C67B021DC9B42F980BE7E59075F6AE5CD121C297E1C534B1F8FEB3498381AB14737FA6770727C669A6ABE0789ACCF0D67B32871C1C6A01EACB9541110DEC002EBA820FFF567FBB60119AE43A18F45811058771B2EA3D50CA6A0ADCD75E8667DA97B3C1879C780EC0C7B5F4C25939D0A968A9D5CAE588192CC3F55291C260D238B79B50CF2324FA08C3BC3D68642658AB405A2B5E37440C8F300744B84F991473D8CA88601D5687390EA445499E9EB749F5A4C9CD11C73B941CCB1713772D",
                                        "nonceEphemeralIut": "DF3C33CC7A92236708D9CDEFDC25AD0BE92C13E03C1376710A27C922B1BFB5610474A64A801B81FC031B5F2837BABF362CA4B6F25840698686B4E7FB8E2682680204AA9C5CD9AFA01F6C20A59AFD26F12357483428B865AF11032430BBA06824C1F9265DACE38E75D8DEAABEF07A89ABE4A29CF64A44622961577FEA4F877EC92A112023A80B94BF4D93788AE1C70690EE73B83A6A9335E21DCF6840A2DC0851698C86F60B771E9DDC06897F2680F8C99722C757D8E855B1072C9BC7A870C6D7129F0ADA919DB2B5CB9122BF443C0EB99710B168B31AF074661794BE2DE92EFFC6CDBB35398FDA498B7A72C95CBCC99BEAC8B1D6708CA5CED444696BE73D2F3D",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE123432318DE92AF1C6652ABDDAFE55EEC0",
                                        "nonceAesCcm": "EDE971BC462678E6",
                                        "tagIut": "5EA618600A8286A912DE41B376117757"
                                }]
                        },
                        {
                                "tgId": 13,
                                "tests": [{
                                        "tcId": 921,



Fussell & Hammett         Expires March 5, 2019                [Page 57]

Internet-Draft                Sym Alg JSON                September 2018


                                        "staticPublicIut": "A1A36FEF2BF595E6F121E5DDC06BB73E309A602BE7559111766CB89A4C0A525DEBCCC26E3A86130381DED487BBC294AFF8D0CFB4A3F9AE38C779D13B6B4E03FC6339D7C53FCF9BA40176DBF1D8DF680ABBA8C56CB3C6A087A3B1D8DB5AF079317A051A881C5BACA5BC4DB3BE3AC88CC4E0E895101744BFE2E1B902CF9D6D4D5DEC154DC1F75A2368554F31A238FCB002B586BBEF45D8DDD44D2D3F5971A7EAF1B58B31C375350C391088C9B6AA603E85D10D722FEA17D4FD89FC4863E3CC7EAECFCDF340D2C6F1FB306847F99C95F1EE3B014CE3B29427D79816E818F13CC34E18D932292D0C787946F4E0C32DB557123CD06E1A6FEEDB71FFA756E09068F802",
                                        "nonceEphemeralIut": "1D57658278BB2DDB8C284C7E5FCC875E2A1F5DDE68E5C2FB07373D1799EFD20438BCB654DAD4009D33C54914352405174234501C90F505D3AC3F57785861A0D53C81A364E3CA927A3CEDD46DB96E3A5FB0967839C50E86DB21991E6C4F3D8A083202827083B5ADBB6D152B16D0266DCAABA6B6E369D3D7BFF22619918500906704A4942639E6066679E10D9DCD78023A2AA36DDFA48EACC728BC56891B269D7BB2F98FD261986E19865A72169A007B48B035B7227B42609377F5BEA8FF8CC1EBF8A79D49C1B26FE2C6E922052224BCE7645516DC12952250425085D07A3402A960943A56E8E09EC711CAB79E93A3E4FDC639DC0236218032FE86295F7A81AD7E",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE123465F78C6B19AFBF62FE90B780163332",
                                        "nonceAesCcm": "35DEA4B3B6FE3427",
                                        "tagIut": "F8D33BFEB681D38E69EFB88C837093F4"
                                }]
                        },
                        {
                                "tgId": 14,
                                "tests": [{
                                        "tcId": 981,
                                        "staticPublicIut": "746BD74D66E42D7705FE779EE9B26620867E72CFC9B1759259395B17243800A52EC6B97D785BDDCAC62E95C03A1F79255D4F46617DA41FF2A29DE41F21630916D1B202C66A8E9336783E8B54829655DFCD16A9C41DF747E8EE2758BA7F91B811648CAE2A057B61644180E6B9517BFFF46B5BB9FE0E68F48C39DCD84EBE2117BEA2A6820F8815FF788572FDC961E9C69EB311BE3EB54FD0B90C1A50EA7351A4B2FF1510D79AF68FC196FD65E3DC7452396A08663AD397DDDABEF6E371AC077687D620248034752ACFF2EC11F8B2FCFB682930705318E7731742EE1E93A36A44CD9517133D88524CF8A73BF0E945D485F46B67F816ED8308897868F2989C1EA8CA",
                                        "nonceEphemeralIut": "6EDF0CCE8BD793CB76F46769C90B2F7778A86DD16DA555DCBB102A0894887174A19178D752274A712276A863188B6ACFFB79FA3AF17FE8E6B75FF6D649B6411F577FF533DB2BF072E25E50558B0D3CB1E773BFD6A8C9F396C4530343992DD073CB3470543C5143BA50A203E515AC3ABBA28F03192A0D53C8D331851FE64014E5436602C6C8DE40EA8CE9E4FB91C7C84A72EA83AE1214DACEFA39327D3CD0A4349D94ACDEF6ADA5263E162D04DC4E0106AFC1EF8A75B27AF044F9736D057F00BAEDC14A93CD770B6274F9608C041FC76EA738FC3C8A91F5E8287A56020F1A209EA23223A4BDA83FACFE7A1C6B9BA26A9AFB8387261EA3EC1165083C0D2409DC91",
                                        "idIutLen": 40,
                                        "idIut": "A1B2C3D4E5",
                                        "oiLen": 240,
                                        "oi": "434156536964A1B2C3D4E5CAFE1234F959F05CEA78C5C1F03F9BE78ABAA6",
                                        "nonceAesCcm": "B45755807B729C8D",
                                        "tagIut": "CC6DADBD739FE9ACCE2F1A29C710DF76"
                                }]
                        },
                        {
                                "tgId": 15,
                                "tests": [{
                                        "tcId": 1041,
                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 16,
                                "tests": [{
                                        "tcId": 1191,
                                        "testPassed": true
                                }]
                        },

                        {
                                "tgId": 17,
                                "tests": [{
                                        "tcId": 1341,
                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 18,



Fussell & Hammett         Expires March 5, 2019                [Page 58]

Internet-Draft                Sym Alg JSON                September 2018


                                "tests": [{
                                        "tcId": 1491,
                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 19,
                                "tests": [{
                                        "tcId": 1641,
                                        "testPassed": false
                                }]
                        },
                        {
                                "tgId": 20,
                                "tests": [{
                                        "tcId": 1791,
                                        "testPassed": false
                                }]
                        },
                        {
                                "tgId": 21,
                                "tests": [{
                                        "tcId": 1941,
                                        "testPassed": true
                                }]
                        },
                        {
                                "tgId": 22,
                                "tests": [{
                                        "tcId": 2091,
                                        "testPassed": false
                                }]
                        }
                ]
        }
]


6.2.  Example Test Results Component JSON Object

   The following is a example JSON object for KAS FFC Component test
   results sent from the crypto module to the ACVP server.









Fussell & Hammett         Expires March 5, 2019                [Page 59]

Internet-Draft                Sym Alg JSON                September 2018


[{
                "acvVersion": <acvp-version>
        },
        {
                "vsId": 1564,
                "testGroups": [{
                                "tgId": 1,
                                "tests": [{
                                        "tcId": 3000,
                                        "ephemeralPublicIut": "5067495e06d0c6dfd6eada5607f3dc7b9bf93eeeb7513119860f5d60ef332823b0ba58af2ecb7ab2cbccee87ccf232a02c27affb167e1a86811090262771c0fb5574c89ffb1288cd1d0096c0bb62add57fd3fa691ee1152b632778016a1a0c4ec2fce5ade1d3d1d2ae5c5a1a71e1a90dc648b384222e22357b8301536866d70b91a37ff3d88d444ed3e531b19939f3dfa33c4782ec195060cb35a13e0bad6f1f9c9be10720bb1055af93e16999c97d127fde52f16060080656810954f4cf745a57a3909327b2eaaa3ea5b9fa794f186658b186974861a00ee59b125c06398b835de09d2b340f7f0254e69339bdc4257b11543a300e1b8c615cd3a64838ce0d09",
                                        "hashZIut": "39de343caa24b36f02ce0d3b08a7c5f553c7f5f0f65dcca10855a3fed89efd475156b51bfdfb1509e7898ca7bdf57a5485f68c82f4dffe8f1d7fb7b13a0de933"
                                }]
                        },
                        {
                                "tgId": 2,
                                "tests": [{
                                        "tcId": 5000,
                                        "testPassed": true
                                }]
                        }
                ]
        }
]


7.  Acknowledgements

   TBD...

8.  IANA Considerations

   This memo includes no request to IANA.

9.  Security Considerations

   Security considerations are addressed by the ACVP specification.

10.  Normative References

   [ACVP]     authSurName, authInitials., "ACVP Specification", 2016.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997, <https://www.rfc-
              editor.org/info/rfc2119>.






Fussell & Hammett         Expires March 5, 2019                [Page 60]

Internet-Draft                Sym Alg JSON                September 2018


   [SP800-56a]
              NIST, "Recommendation for Pair-Wise Key-Establishment
              Schemes Using Discrete Logarithm Cryptography", April
              2018,
              <https://nvlpubs.nist.gov/nistpubs/SpecialPublications/
              NIST.SP.800-56Ar3.pdf>.

Authors' Addresses

   Barry Fussell (editor)
   Cisco Systems, Inc.
   170 West Tasman Dr.
   San Jose, CA  95134
   USA

   Email: bfussell@cisco.com


   Russell Hammett (editor)
   G2, Inc.
   302 Sentinel Dr Suite 300
   Annapolis Junction , MD  20701
   USA

   Email: russ.hammett@g2-inc.com


























Fussell & Hammett         Expires March 5, 2019                [Page 61]