
IP Authentication using Keyed SHA (RFC1852)

IP.com Disclosure Number: IPCOM000004108D
Original Publication Date: 1995-Sep-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 4 page(s) / 8K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

P. Metzger: AUTHOR [+2]

Abstract

This document describes the use of keyed SHA with the IP Authentication Header.

This text was extracted from an ASCII document.
This is the abbreviated version, containing approximately 32% of the total text.

Network Working Group                                         P. Metzger
Request for Comments: 1852                                      Piermont
Category: Experimental                                        W. Simpson
                                                              Daydreamer
                                                          September 1995

IP Authentication using Keyed SHA

Status of this Memo

This document defines an Experimental Protocol for the Internet
community. This does not specify an Internet standard of any kind.
Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.

Abstract

This document describes the use of keyed SHA with the IP
Authentication Header.

Table of Contents

1. Introduction
   1.1 Keys
   1.2 Data Size
   1.3 Performance
2. Calculation
SECURITY CONSIDERATIONS
ACKNOWLEDGEMENTS
REFERENCES
AUTHOR'S ADDRESS

1. Introduction

The Authentication Header (AH) [RFC-1826] provides integrity and
authentication for IP datagrams. This specification describes the AH
use of keys with the Secure Hash Algorithm (SHA) [FIPS-180-1].

It should be noted that this document specifies a newer version of
the SHA than that described in [FIPS-180], which was flawed. The
older version is not interoperable with the newer version.

This document assumes that the reader is familiar with the related
document "Security Architecture for the Internet Protocol" [RFC-1825],
which defines the overall security plan for IP, and provides
important background for this specification.

1.1. Keys

The secret authentication key shared between the communicating
parties SHOULD be a cryptographically strong random number, not a
guessable string of any sort.

The shared key is not constrained by this transform to any particular
size. Lengths of up to 160 bits MUST be supported by the
implementation, although any particular key may be shorter. Longer
keys are encouraged.

1.2. Data Size

SHA's 160-bit output is naturally 32-bit aligned. However, many
implementations require 64-bit alignment of the follow...