Skip to main content

The Advanced Encryption Standard-Cipher-based Message Authentication Code-Pseudo-Random Function-128 (AES-CMAC-PRF-128) Algorithm for the Internet Key Exchange Protocol (IKE)

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>
Subject: Protocol Action: 'The AES-CMAC-PRF-128 Algorithm for 
         the Internet Key Exchange Protocol (IKE)' to Proposed Standard 

The IESG has approved the following document:

- 'The AES-CMAC-PRF-128 Algorithm for the Internet Key Exchange Protocol 
   (IKE) '
   <draft-songlee-aes-cmac-prf-128-04.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Russ Housley.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

  Some implementations of IP Security (IPsec) may want to use a pseudo-
  random function (PRF) derived from the Advanced Encryption Standard
  (AES).  This document describes such an algorithm, called AES-CMAC-

Working Group Summary

  This document is an individual submission.  It is not affiliated with
  any IETF Working Group.

Protocol Quality

  AES-CMAC-PRF-128 is one of several choices for the IPsec PRF that can
  Be negotiated using IKEv1 or IKEv2.  We believe that AES-CMAC has been
  implemented by at least INTEL, Runcom and SAMSUNG, and we believe that
  other vendors are developing AES-CMAC for their IEEE 802.16e products.

  This document was reviewed by Russ Housley for the IESG.

RFC Editor Note