why is index "a non-negative integer less than $2^{64}$" in the KDF for UMACs?

Question

https://www.rfc-editor.org/rfc/rfc4418#section-3.2.1 describes the parameters for KDF as follows:

   Input:
     K, string of length KEYLEN bytes.
     index, a non-negative integer less than 2^64.
     numbytes, a non-negative integer less than 2^64.

My question is... why is index defined as "a non-negative integer less than $2^{64}$ when the largest value that's ever passed to it is $4$?

It's called in the PDF function with a parameter of $0$:

  K' = KDF(K, 0, KEYLEN)

...and in the UHASH function the highest parameter that it ever goes to is $4$:

 //
 // Define total key needed for all iterations using KDF.
 // L1Key reuses most key material between iterations.
 //
 L1Key  = KDF(K, 1, 1024 + (iters - 1) * 16)
 L2Key  = KDF(K, 2, iters * 24)
 L3Key1 = KDF(K, 3, iters * 64)
 L3Key2 = KDF(K, 4, iters * 4)

So why not say that it's an integer that can have a range between $0$ and $4$?

Answer 1

Because of this:

   T = uint2str(index, BLOCKLEN-8) || uint2str(i, 8)

uint2str obviously creates an encoding of an unsigned integer of at least 64 bits, given that the block size is at least 128 bits / 16 bytes. So for a 128 bit block size you can have a number between 0 (inclusive) and $2^{64}$ (exclusive) before you run out of bits.

It's a better question why numbytes is not below $2^{64} \cdot 8$ or $2^{67}$ as there is clearly some space left, how much depends on the block size. Of course, neither variable needs to go very high in practice, as this is a KDF, not a stream cipher. For the KDF to be secure, it is just important that $T$ is unique...

---

As I expected, I quickly found this quote to cement my suspicions:

In any case, BLOCKLEN must be at least 16 and a power of two.

although AES - and therefore a block size of 16 bytes / 128 bits - is assumed. So there you are: the index must be less than $2^{64}$ because that's all there is space for within this scheme.

---

Note that "str" usually refers to an octet string - also known as a byte array or simply a span of bytes in memory - in specifications such as this one.