Modes of Operation for Camellia for Use with IPsec
RFC 5529
| Document | Type |
RFC - Proposed Standard
(April 2009; No errata)
Was draft-kato-ipsec-camellia-modes (individual in sec area)
|
|
|---|---|---|---|
| Last updated | 2015-10-14 | ||
| Stream | IETF | ||
| Formats | plain text pdf html bibtex | ||
| Reviews | |||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 5529 (Proposed Standard) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Tim Polk | ||
| Send notices to | (None) | ||
Network Working Group A. Kato
Request for Comments: 5529 NTT Software Corporation
Category: Standards Track M. Kanda
NTT
S. Kanno
NTT Software Corporation
April 2009
Modes of Operation for Camellia for Use with IPsec
Status of This Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Abstract
This document describes the use of the Camellia block cipher
algorithm in Cipher Block Chaining (CBC) mode, Counter (CTR) mode,
and Counter with CBC-MAC (CCM) mode as additional, optional-to-
implement Internet Key Exchange Protocol version 2 (IKEv2) and
Encapsulating Security Payload (ESP) mechanisms to provide
confidentiality, data origin authentication, and connectionless
integrity.
Kato, et al. Standards Track [Page 1]
RFC 5529 Modes of Operation for Camellia for IPsec April 2009
Table of Contents
1. Introduction ....................................................2
1.1. Terminology ................................................3
2. The Camellia Cipher Algorithm ...................................3
2.1. Block Size and Padding .....................................3
2.2. Performance ................................................3
3. Modes ...........................................................3
3.1. Cipher Block Chaining ......................................3
3.2. Counter and Counter with CBC-MAC ...........................3
4. IKEv2 Conventions ...............................................4
4.1. Keying Material ............................................4
4.2. Transform Type 1 ...........................................5
4.3. Key Length Attribute .......................................5
5. Security Considerations .........................................5
6. IANA Considerations .............................................5
7. Acknowledgments .................................................5
8. References ......................................................5
8.1. Normative References .......................................5
8.2. Informative References .....................................6
1. Introduction
This document describes the use of the Camellia block cipher
algorithm [1] in Cipher Block Chaining (CBC) mode, Counter (CTR)
mode, and Counter with CBC-MAC (CCM) mode as additional, optional-to-
implement IKEv2 [2] and Encapsulating Security Payload (ESP) [3]
mechanisms to provide confidentiality, data origin authentication,
and connectionless integrity.
Since optimized source code is provided under several open source
licenses [9], Camellia is also adopted by several open source
projects (OpenSSL, FreeBSD, Linux, and Firefox Gran Paradiso).
The algorithm specification and object identifiers are described in
[1].
The Camellia web site [10] contains a wealth of information about
Camellia, including detailed specification, security analysis,
performance figures, reference implementation, optimized
implementation, test vectors, and intellectual property information.
The remainder of this document specifies the use of various modes of
operation for Camellia within the context of IPsec ESP. For further
information on how the various pieces of IPsec in general and ESP in
particular fit together to provide security services, please refer to
[11] and [3].
Kato, et al. Standards Track [Page 2]
RFC 5529 Modes of Operation for Camellia for IPsec April 2009
1.1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
Show full document text