The ESP Triple DES Transform (RFC1851)

IP.com Disclosure Number: IPCOM000004107D
Original Publication Date: 1995-Sep-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 8 page(s) / 18K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

P. Karn: AUTHOR [+3]

Abstract

This document describes the Triple DES-CBC security transform for the IP Encapsulating Security Payload (ESP).

This text was extracted from an ASCII document.
This is the abbreviated version, containing approximately 15% of the total text.

Network Working Group                                            P. Karn
Request for Comments: 1851                                      Qualcomm
Category: Experimental                                        P. Metzger
                                                                Piermont
                                                              W. Simpson
                                                              Daydreamer
                                                          September 1995

The ESP Triple DES Transform

Status of this Memo

This document defines an Experimental Protocol for the Internet community. This does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited.

Abstract

This document describes the Triple DES-CBC security transform for the IP Encapsulating Security Payload (ESP).

Table of Contents

1. Introduction
    1.1 Keys
    1.2 Initialization Vector
    1.3 Data Size
    1.4 Performance
2. Payload Format
3. Algorithm
    3.1 Encryption
    3.2 Decryption
SECURITY CONSIDERATIONS
ACKNOWLEDGEMENTS
REFERENCES
AUTHOR'S ADDRESS

1. Introduction

The Encapsulating Security Payload (ESP) [RFC-1827] provides confidentiality for IP datagrams by encrypting the payload data to be protected. This specification describes the ESP use of a variant of the Cipher Block Chaining (CBC) mode of the US Data Encryption Standard (DES) algorithm [FIPS-46, FIPS-46-1, FIPS-74, FIPS-81]. This variant, known as Triple DES (3DES), processes each block of the plaintext three times, each time with a different key [Tuchman79].

This document assumes that the reader is familiar with the related document "Security Architecture for the Internet Protocol" [RFC-1825], which defines the overall security plan for IP, and provides important background for this specification.

1.1. Keys

The secr...