Skip to main content

The With-MAC key-wrapping algorithm for Cryptographic Message Syntax
draft-herzog-withmac-keywrap-02

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Jonathan Herzog , Roger Khazan
Last updated 2013-03-11 (Latest revision 2012-08-27)
RFC stream (None)
Intended RFC status (None)
Formats
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

Abstract

This document describes a new key-wrapping algorithm to be used in the EnvelopedData, AuthenticatedData and AuthEnvelopedData structures of the Cryptographic Message Syntax. Because these structures do not provide data-origin authentication, a recipient cannot cryptographically verify that the plaintext received was the plaintext encapsulated by the message's original sender. The With- MAC key-wrapping algorithm allows an EncryptedKey value to hold both a wrapped symmetric key and a MAC value on the data to be authenticated. When used in EnvelopedData, AuthenticatedData and AuthEnvelopedData structures, therefore, these structures can achieve data-origin authentication (in some circumstances) using only symmetric-key algorithms. This is useful in cases where the structures must be generated by entities without certified digital- signature keys.

Authors

Jonathan Herzog
Roger Khazan

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)