datatracker.ietf.org
Sign in
Version 5.4.0, 2014-04-22
Report a bug

Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS)
RFC 4010

Document type: RFC - Proposed Standard (February 2005; Errata)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4010 (Proposed Standard)
Responsible AD: Russ Housley
Send notices to: turners@ieca.com, blake@sendmail.com

Network Working Group                                            J. Park
Request for Comments: 4010                                        S. Lee
Category: Standards Track                                         J. Kim
                                                                  J. Lee
                                                                    KISA
                                                           February 2005

                  Use of the SEED Encryption Algorithm
                 in Cryptographic Message Syntax (CMS)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document specifies the conventions for using the SEED encryption
   algorithm for encryption with the Cryptographic Message Syntax (CMS).

   SEED is added to the set of optional symmetric encryption algorithms
   in CMS by providing two classes of unique object identifiers (OIDs).
   One OID class defines the content encryption algorithms and the other
   defines the key encryption algorithms.

1.  Introduction

   This document specifies the conventions for using the SEED encryption
   algorithm [SEED][TTASSEED] for encryption with the Cryptographic
   Message Syntax (CMS)[CMS].  The relevant object identifiers (OIDs)
   and processing steps are provided so that SEED may be used in the CMS
   specification (RFC 3852, RFC 3370) for content and key encryption.

Park, et al.                Standards Track                     [Page 1]
RFC 4010          The SEED Encryption Algorithm in CMS     February 2005

1.1.  SEED

   SEED is a symmetric encryption algorithm developed by KISA (Korea
   Information Security Agency) and a group of experts since 1998.  The
   input/output block size and key length of SEED is 128-bits.  SEED has
   the 16-round Feistel structure.  A 128-bit input is divided into two
   64-bit blocks and the right 64-bit block is an input to the round
   function, with a 64-bit subkey generated from the key scheduling.

   SEED is easily implemented in various software and hardware because
   it takes less memory to implement than other algorithms and generates
   keys without degrading the security of the algorithm.  In particular,
   it can be effectively adopted in a computing environment with a
   restricted resources, such as mobile devices and smart cards.

   SEED is robust against known attacks including DC (Differential
   cryptanalysis), LC (Linear cryptanalysis), and related key attacks.
   SEED has gone through wide public scrutinizing procedures.  It has
   been evaluated and is considered cryptographically secure by credible
   organizations such as ISO/IEC JTC 1/SC 27 and Japan CRYPTREC
   (Cryptography Research and Evaluation Committees)
   [ISOSEED][CRYPTREC].

   SEED is a national industrial association standard [TTASSEED] and is
   widely used in South Korea for electronic commerce and financial
   services operated on wired and wireless communications.

1.2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
   "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in uppercase,
   as shown) are to be interpreted as described in [RFC2119].

2.  Object Identifiers for Content and Key Encryption

   This section provides the OIDs and processing information necessary
   for SEED to be used for content and key encryption in CMS.  SEED is
   added to the set of optional symmetric encryption algorithms in CMS
   by providing two classes of unique object identifiers (OIDs).  One
   OID class defines the content encryption algorithms and the other
   defines the key encryption algorithms.  Thus, a CMS agent can apply
   SEED either for content or key encryption by selecting the
   corresponding object identifier, supplying the required parameter,
   and starting the program code.

Park, et al.                Standards Track                     [Page 2]
RFC 4010          The SEED Encryption Algorithm in CMS     February 2005

2.1.  OIDs for Content Encryption

   SEED is added to the set of symmetric content encryption algorithms
   defined in [CMSALG].  The SEED content-encryption algorithm in Cipher
   Block Chaining (CBC) mode has the following object identifier:

      id-seedCBC OBJECT IDENTIFIER ::=

[include full document text]