datatracker.ietf.org
Sign in
Version 5.13.0, 2015-03-25
Report a bug

The Camellia Cipher Algorithm and Its Use With IPsec
RFC 4312

Document type: RFC - Proposed Standard (December 2005; Errata)
Was draft-kato-ipsec-ciph-camellia (individual in sec area)
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 4312 (Proposed Standard)
Responsible AD: Russ Housley
Send notices to: akato@po.ntts.co.jp

Network Working Group                                            A. Kato
Request for Comments: 4312                      NTT Software Corporation
Category: Standards Track                                      S. Moriai
                                        Sony Computer Entertainment Inc.
                                                                M. Kanda
                              Nippon Telegraph and Telephone Corporation
                                                           December 2005

          The Camellia Cipher Algorithm and Its Use With IPsec

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document describes the use of the Camellia block cipher
   algorithm in Cipher Block Chaining Mode, with an explicit
   Initialization Vector, as a confidentiality mechanism within the
   context of the IPsec Encapsulating Security Payload (ESP).

1.  Introduction

   This document describes the use of the Camellia block cipher
   algorithm in Cipher Block Chaining Mode, with an explicit
   Initialization Vector, as a confidentiality mechanism within the
   context of the IPsec Encapsulating Security Payload (ESP).

   Camellia was selected as a recommended cryptographic primitive by the
   EU NESSIE (New European Schemes for Signatures, Integrity and
   Encryption) project [NESSIE] and was included in the list of
   cryptographic techniques for Japanese e-Government systems that was
   selected by the Japan CRYPTREC (Cryptography Research, Evaluation
   Committees) [CRYPTREC].  Camellia has been submitted to several other
   standardization bodies, such as ISO (ISO/IEC 18033) and the IETF
   S/MIME Mail Security Working Group [Camellia-CMS].

Kato, et al.                Standards Track                     [Page 1]
RFC 4312                    Camellia Cipher                December 2005

   Camellia supports 128-bit block size and 128-, 192-, and 256-bit key
   lengths, i.e., the same interface specifications as the Advanced
   Encryption Standard (AES) [AES].

   Camellia is a symmetric cipher with a Feistel structure.  Camillia
   was developed jointly by NTT and Mitsubishi Electric Corporation in
   2000.  It was designed to withstand all known cryptanalytic attacks,
   and it has been scrutinized by worldwide cryptographic experts.
   Camellia is suitable for implementation in software and hardware,
   offering encryption speed in software and hardware implementations
   that is comparable to AES.

   The Camellia homepage [Camellia-Web] contains a wealth of information
   about camellia, including detailed specification, security analysis,
   performance figures, reference implementation, test vectors, and
   intellectual property information.

   The remainder of this document specifies the use of Camellia within
   the context of IPsec ESP.  For further information on how the various
   pieces of ESP fit together to provide security services, please refer
   to [ARCH], [ESP], and [ROAD].

1.1.  Specification of Requirements

   The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" that
   appear in this document are to be interpreted as described in
   [RFC-2119].

2.  The Camellia Cipher Algorithm

   All symmetric block cipher algorithms share common characteristics
   and variables, including mode, key size, weak keys, block size, and
   rounds.  The following sections contain descriptions of the relevant
   characteristics of Camellia.

   The algorithm specification and object identifiers are described in
   [Camellia-Desc].

2.1.  Mode

   NIST has defined five modes of operation for AES and other FIPS-
   approved ciphers [SP800-38a]: CBC (Cipher Block Chaining), ECB
   (Electronic CodeBook), CFB (Cipher FeedBack), OFB (Output FeedBack),
   and CTR (Counter).  The CBC mode is well defined and well understood
   for symmetric ciphers, and it is currently required for all other ESP
   ciphers.  This document specifies the use of the Camellia cipher in
   CBC mode within ESP.  This mode requires an Initialization Vector

Kato, et al.                Standards Track                     [Page 2]
RFC 4312                    Camellia Cipher                December 2005

[include full document text]