The NULL Encryption Algorithm and Its Use With IPsec
RFC 2410

Document Type RFC - Proposed Standard (November 1998; Errata)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 2410 (Proposed Standard)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                           R. Glenn
Request for Comments: 2410                                          NIST
Category: Standards Track                                        S. Kent
                                                                BBN Corp
                                                           November 1998

          The NULL Encryption Algorithm and Its Use With IPsec

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.


   This memo defines the NULL encryption algorithm and its use with the
   IPsec Encapsulating Security Payload (ESP).  NULL does nothing to
   alter plaintext data.  In fact, NULL, by itself, does nothing.  NULL
   provides the means for ESP to provide authentication and integrity
   without confidentiality.

   Further information on the other components necessary for ESP
   implementations is provided by [ESP] and [ROAD].

1.  Introduction

   This memo defines the NULL encryption algorithm and its use with the
   IPsec Encapsulating Security Payload [ESP] to provide authentication
   and integrity without confidentiality.

   NULL is a block cipher the origins of which appear to be lost in
   antiquity.  Despite rumors that the National Security Agency
   suppressed publication of this algorithm, there is no evidence of
   such action on their part. Rather, recent archaeological evidence
   suggests that the NULL algorithm was developed in Roman times, as an
   exportable alternative to Ceaser ciphers. However, because Roman
   numerals lack a symbol for zero, written records of the algorithm's
   development were lost to historians for over two millennia.

Glenn & Kent                Standards Track                     [Page 1]
RFC 2410                     NULL and IPsec                November 1998

   [ESP] specifies the use of an optional encryption algorithm to
   provide confidentiality and the use of an optional authentication
   algorithm to provide authentication and integrity.  The NULL
   encryption algorithm is a convenient way to represent the option of
   not applying encryption.  This is referred to as ESP_NULL in [DOI].

   The IPsec Authentication Header [AH] specification provides a similar
   service, by computing authentication data which covers the data
   portion of a packet as well as the immutable in transit portions of
   the IP header.  ESP_NULL does not include the IP header in
   calculating the authentication data.  This can be useful in providing
   IPsec services through non-IP network devices.  The discussion on how
   ESP_NULL might be used with non-IP network devices is outside the
   scope of this document.

   In this memo, NULL is used within the context of ESP.  For further
   information on how the various pieces of ESP fit together to provide
   security services, refer to [ESP] and [ROAD].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in [RFC 2119].

2. Algorithm Definition

   NULL is defined mathematically by the use of the Identity function I
   applied to a block of data b such that:

     NULL(b) = I(b) = b

2.1 Keying Material

   Like other modern ciphers, e.g., RC5 [RFC-2040], the NULL encryption
   algorithm can make use of keys of varying lengths.  However, no
   measurable increase in security is afforded by the use of longer key

2.2 Cryptographic Synchronization

   Because of the stateless nature of the NULL encryption algorithm, it
   is not necessary to transmit an IV or similar cryptographic
   synchronization data on a per packet (or even a per SA) basis.  The
   NULL encryption algorithm combines many of the best features of both
   block and stream ciphers, while still not requiring the transmission
   of an IV or analogous cryptographic synchronization data.

Glenn & Kent                Standards Track                     [Page 2]
RFC 2410                     NULL and IPsec                November 1998

2.3 Padding

   NULL has a block size of 1 byte, thus padding is not necessary.
Show full document text