Use of the IDEA Encryption Algorithm in CMS
RFC 3058

Document Type RFC - Informational (February 2001; No errata)
Last updated 2013-03-02
Stream IETF
Formats plain text pdf html bibtex
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 3058 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                          S. Teiwes
Request for Comments: 3058                                   P. Hartmann
Category:Informational                             iT_Security AG (Ltd.)
                                                               D. Kuenzi
                                                      724 Solutions Inc.
                                                           February 2001

              Use of the IDEA Encryption Algorithm in CMS

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

Abstract

   This memo specifies how to incorporate International Data Encryption
   Algorithm (IDEA) into CMS or S/MIME as an additional strong algorithm
   for symmetric encryption.  For organizations who make use of IDEA for
   data security purposes it is of high interest that IDEA is also
   available in S/MIME.  The intention of this memo is to provide the
   OIDs and algorithms required that IDEA can be included in S/MIME for
   symmetric content and key encryption.

1. Introduction

   This memo specifies how to incorporate International Data Encryption
   Algorithm (IDEA) [IDEA] into CMS or S/MIME [SMIME2, SMIME3] as an
   additional strong algorithm for symmetric encryption.  For
   organizations who make use of IDEA for data security purposes it is
   of high interest that IDEA is also available in S/MIME.  The
   intention of this memo is to provide the OIDs and algorithms required
   that IDEA can be included in S/MIME for symmetric content and key
   encryption.

   The general functional capabilities and preferences of S/MIME are
   specified by the registered list of S/MIME object identifiers (OIDs).
   This list of OIDs is available from the Internet Mail Consortium at
   <http://www.imc.org/ietf-smime/oids.html>.  The set of S/MIME
   functions provided by a client is expressed by the S/MIME
   capabilities attribute.  This attribute contains a list of OIDs of
   supported cryptographic functions.

Teiwes, et al.               Informational                      [Page 1]
RFC 3058            IDEA Encryption Algorithm in CMS       February 2001

   In this document, the terms MUST, MUST NOT, SHOULD, and SHOULD NOT
   are used in capital letters.  This conforms to the definitions in
   [MUSTSHOULD].

2. Object Identifier for Content and Key Encryption

   The Cryptographic Message Syntax [CMS], derived from PKCS#7 [PKCS7],
   is the framework for the implementation of cryptographic functions in
   S/MIME.  It specifies data formats and encryption processes without
   naming the cryptographic algorithms.  Each algorithm which is used
   for encryption purposes must be specified by a unique algorithm
   identifier.  For example, in the special case of content encryption
   the ContentEncryptionAlgorithmIdentifier specifies the algorithm to
   be applied.  However, according to [CMS] any symmetric encryption
   algorithm that a CMS implementation includes as a content-encryption
   algorithm must also be included as a key-encryption algorithm.

   IDEA is added to the set of optional symmetric encryption algorithms
   in S/MIME by providing two unique object identifiers (OIDs).  One OID
   defines content encryption and the other one key encryption.  Thus an
   S/MIME agent can apply IDEA either for content or key encryption by
   selecting the corresponding object identifier, supplying the required
   parameter, and starting the program code.

   For content encryption the use of IDEA in cipher block chaining (CBC)
   mode is recommended.  The key length is fixed to 128 bits.

   The IDEA content-encryption algorithm in CBC mode has the object
   identifier

     IDEA-CBC OBJECT IDENTIFIER
       ::= { iso(1) identified-organization(3)
           usdod(6) oid(1) private(4) enterprises(1)
           ascom(188) systec(7) security(1) algorithms(1) 2 }

   The identifier's parameters field contains the initialization vector
   (IV) as an optional parameter.

     IDEA-CBCPar ::= SEQUENCE {
       iv  OCTET STRING OPTIONAL } -- exactly 8 octets

   If IV is specified as above, it MUST be used as initial vector.  In
   this case, the ciphertext MUST NOT include the initial vector.  If IV
   is not specified, the first 64 bits of the ciphertext MUST be
   considered as the initial vector.  However, this alternative of not
   including IV into "iv OCTET STRING" of IDEA-CBCPar SHOULD NOT be
   applied in CMS or S/MIME.

Teiwes, et al.               Informational                      [Page 2]
RFC 3058            IDEA Encryption Algorithm in CMS       February 2001

   The key-wrap/unwrap algorithms used to encrypt/decrypt an IDEA
   content-encryption key with an IDEA key-encryption key are specified
   in the following section.  Generation and distribution of IDEA key-
Show full document text