Photuris: Extended Schemes and Attributes
RFC 2523

Document Type RFC - Experimental (March 1999; No errata)
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html bibtex
Stream Legacy state (None)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state RFC 2523 (Experimental)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                            P. Karn
Request for Comments: 2523                                      Qualcomm
Category: Experimental                                        W. Simpson
                                                              DayDreamer
                                                              March 1999

               Photuris: Extended Schemes and Attributes

Status of this Memo

   This document defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  Copyright (C) Philip Karn
   and William Allen Simpson (1994-1999).  All Rights Reserved.

Abstract

   Photuris is a session-key management protocol.  Extensible Exchange-
   Schemes are provided to enable future implementation changes without
   affecting the basic protocol.

   Additional authentication attributes are included for use with the IP
   Authentication Header (AH) or the IP Encapsulating Security Protocol
   (ESP).

   Additional confidentiality attributes are included for use with ESP.

Karn & Simpson                Experimental                      [Page i]


RFC 2523                 Schemes and Attributes               March 1999

Table of Contents

     1.     Additional Exchange-Schemes ...........................    1

     2.     Additional Key-Generation-Function ....................    5
        2.1       SHA1 Hash .......................................    5

     3.     Additional Privacy-Methods ............................    5
        3.1       DES-CBC over Mask ...............................    5
        3.2       DES-EDE3-CBC over Mask ..........................    6

     4.     Additional Validity-Method ............................    6
        4.1       SHA1-IPMAC Check ................................    6

     5.     Additional Attributes .................................    7
        5.1       SHA1-IPMAC ......................................    7
           5.1.1  Symmetric Identification ........................    8
           5.1.2  Authentication ..................................    9
        5.2       RIPEMD-160-IPMAC ................................    9
           5.2.1  Symmetric Identification ........................   10
           5.2.2  Authentication ..................................   11
        5.3       DES-CBC .........................................   11
        5.4       Invert (Decryption/Encryption) ..................   12
        5.5       XOR Whitening ...................................   13

     APPENDICES ...................................................   15

     A.     Exchange-Scheme Selection .............................   15
        A.1       Responder .......................................   15
        A.2       Initiator .......................................   15

     SECURITY CONSIDERATIONS ......................................   16

     ACKNOWLEDGEMENTS .............................................   16

     REFERENCES ...................................................   17

     CONTACTS .....................................................   18

     COPYRIGHT ....................................................   19

Karn & Simpson                Experimental                     [Page ii]


RFC 2523                 Schemes and Attributes               March 1999

1.  Additional Exchange-Schemes

   The packet format and basic facilities are already defined for
   Photuris [RFC-2522].

   These optional Exchange-Schemes are specified separately, and no
   single implementation is expected to support all of them.

   This document defines the following values:

   (3)   Implementation Optional.  Any modulus (p) with a recommended
         generator (g) of 3.  When the Exchange-Scheme Size is non-zero,
         the modulus is contained in the Exchange-Scheme Value field in
         the list of Offered-Schemes.

         An Exchange-Scheme Size of zero is invalid.

         Key-Generation-Function     "MD5 Hash"
         Privacy-Method              "Simple Masking"
         Validity-Method             "MD5-IPMAC Check"

         This combination of features requires a modulus with at least
         64-bits of cryptographic strength.

   (4)   Implementation Optional.  Any modulus (p) with a recommended
         generator (g) of 2.  When the Exchange-Scheme Size is non-zero,
         the modulus is contained in the Exchange-Scheme Value field in
         the list of Offered-Schemes.

         When the Exchange-Scheme Size field is zero, includes by
         reference all of the moduli specified in the list of Offered-
         Schemes for Scheme #2.

         Key-Generation-Function     "MD5 Hash"
         Privacy-Method              "DES-CBC over Mask"
Show full document text