
The PPP Triple-DES Encryption Protocol (3DESE) (RFC2420)

IP.com Disclosure Number: IPCOM000002997D
Original Publication Date: 1998-Sep-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 7 page(s) / 16K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

H. Kummert: AUTHOR

Abstract

The Point-to-Point Protocol (PPP) [1] provides a standard method for transporting multi-protocol datagrams over point-to-point links.

This text was extracted from an ASCII text document.
This is the abbreviated version, containing approximately 19% of the total text.

Network Working Group H. Kummert

Request for Comments: 2420 Nentec GmbH

Category: Standards Track September 1998

The PPP Triple-DES Encryption Protocol (3DESE)

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1998). All Rights Reserved.

Abstract

The Point-to-Point Protocol (PPP) [1] provides a standard method for
transporting multi-protocol datagrams over point-to-point links.

The PPP Encryption Control Protocol (ECP) [2] provides a method to
negotiate and utilize encryption protocols over PPP encapsulated
links.

This document provides specific details for the use of the Triple-DES
standard (3DES) [6] for encrypting PPP encapsulated packets.

Table of Contents

1. Introduction
1.1 Algorithm
1.2 Keys
2. 3DESE Configuration Option for ECP
3. Packet format for 3DESE
4. Encryption
4.1 Padding
4.2 Recovery after packet loss
5. Security Considerations
6. References
7. Acknowledgements
8. Author's Address
9. Full Copyright Statement

1. Introduction

The purpose of encrypting packets exchanged between two PPP
implementations is to attempt to ensure the privacy of communication
conducted via the two implementations. A large variety of encryption
algorithms exists, one of which is the DES algorithm. The DES
encryption algorithm is a well-studied, well-understood and widely
implemented encryption algorithm. Triple-DES means that this
algorithm is applied three times to the data to be encrypted before
it is sent over the line. The variant used is DES-EDE3-CBC, which
is described in more detail in the text. It was also chosen to be
applied in the security section of IP [5].
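The composition named above, as an added example (not code from the RFC or its author): DES-EDE3-CBC chains 64-bit blocks in CBC mode and passes each one through encrypt(k1), decrypt(k2), encrypt(k3). Python's standard library has no DES, so a toy 4-round Feistel cipher (`toy_encrypt`/`toy_decrypt`, hypothetical and not secure) stands in for DES; the keys, IV and packet are constructed values.

```python
import hashlib

BLOCK = 8  # DES block size in octets

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(half: bytes, key: bytes, rnd: int) -> bytes:
    # Round function of the toy cipher (assumption: a stand-in, NOT real DES).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def toy_encrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in range(4):  # 4-round Feistel network over one 64-bit block
        left, right = right, _xor(left, _f(right, key, rnd))
    return left + right

def toy_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(4)):  # undo the rounds in reverse order
        left, right = _xor(right, _f(left, key, rnd)), left
    return left + right

def ede3_block(keys, block: bytes, decrypt: bool = False) -> bytes:
    k1, k2, k3 = keys
    if decrypt:  # inverse of EDE: decrypt(k3), encrypt(k2), decrypt(k1)
        return toy_decrypt(k1, toy_encrypt(k2, toy_decrypt(k3, block)))
    return toy_encrypt(k3, toy_decrypt(k2, toy_encrypt(k1, block)))

def ede3_cbc_encrypt(keys, iv: bytes, plaintext: bytes) -> bytes:
    if len(plaintext) % BLOCK:
        raise ValueError("plaintext must be a multiple of 8 octets")
    out, prev = [], iv
    for i in range(0, len(plaintext), BLOCK):
        # CBC: XOR with the previous ciphertext block, then run EDE3 on it.
        prev = ede3_block(keys, _xor(plaintext[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def ede3_cbc_decrypt(keys, iv: bytes, ciphertext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out.append(_xor(ede3_block(keys, block, decrypt=True), prev))
        prev = block  # the next block is chained to this ciphertext block
    return b"".join(out)

KEYS = (b"key-one!", b"key-two!", b"key-3333")  # constructed sample values
IV = bytes(8)
PACKET = b"PPP data, 24 octets long"
```

With k1 = k2 = k3 the EDE construction reduces to a single encryption, and decrypting with a wrong chaining value corrupts only the first 8-octet block.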

This document shows how to send packets encrypted with the Triple-DES
algorithm over a point-to-point link. It lies in the context
of the generic PPP Encryption Control Protocol [2].

Because of the use of the CBC-mode a sequence number is provided to
ensur...