Combined 3DES-CBC, LZS Compression, HMAC, and Replay Prevention ESP Transform

Document Type Expired Internet-Draft (individual)
Authors Robert Monsour  , Michael Sabin 
Last updated 1996-10-23 (latest revision 1996-10-22)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document proposes the '3DES-CBC-LZS-HMAC-Replay' security transform for the IP Encapsulating Security Payload (ESP). The proposed transform combines triple-DES encryption, LZS compression, HMAC authentication, and replay prevention into a single packet format. The transform is compatible with implementations that do not support compression and with implementations that support only single-DES encryption. Compression is performed prior to encryption, which has the side benefit of reducing the amount of data that must be encrypted. This document is based on the IPsec Working Group's proposed 'Combined DES-CBC, HMAC, and Replay Prevention Security Transform,' cited later in this document.


Robert Monsour (
Michael Sabin (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)