Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Password-based Encryption for CMS (RFC3211)

IP.com Disclosure Number: IPCOM000006211D
Original Publication Date: 2001-Dec-01
Included in the Prior Art Database: 2001-Dec-14
Document File: 18 page(s) / 31K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

P. Gutmann: AUTHOR

Abstract

This document provides a method of encrypting data using user- supplied passwords and, by extension, any form of variable-length keying material which is not necessarily an algorithm-specific fixed-format key. The Cryptographic Message Syntax data format does not currently contain any provisions for password-based data encryption.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 11% of the total text.

Network Working Group                                         P. Gutmann

Request for Comments: 3211                        University of Auckland

Category: Standards Track                                  December 2001

                   Password-based Encryption for CMS

Status of this Memo

   This document specifies an Internet standards track protocol for the

   Internet community, and requests discussion and suggestions for

   improvements.  Please refer to the current edition of the "Internet

   Official Protocol Standards" (STD 1) for the standardization state

   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

Abstract

   This document provides a method of encrypting data using user-

   supplied passwords and, by extension, any form of variable-length

   keying material which is not necessarily an algorithm-specific

   fixed-format key.  The Cryptographic Message Syntax data format does

   not currently contain any provisions for password-based data

   encryption.

1. Introduction

   This document describes a password-based content encryption mechanism

   for CMS.  This is implemented as a new RecipientInfo type and is an

   extension to the RecipientInfo types currently defined in RFC 2630.

   The format of the messages are described in ASN.1 [ASN1].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",

   "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be

   interpreted as described in RFC 2119.

Gutmann                     Standards Track                     [Page 1]

RFC 3211           Password-based Encryption for CMS       December 2001

1.1 Password-based Content Encryption

   CMS currently defined three recipient information types for public-

   key key wrapping (KeyTransRecipientInfo), conventional key wrapping

   (KEKRecipientInfo), and key agreement (KeyAgreeRecipientInfo).  The

   recipient information described here adds a fourth type,

   PasswordRecipientInfo, which provides for password-based key

   wrapping.

1.2 RecipientInfo Types

   The new recipient information type is an extension to the

   RecipientInfo type defined in section 6.2 of CMS, extending the types

   to:

      RecipientInfo ::= CHOICE {

        ktri KeyTransRecipientInfo,

        kari [1] KeyAgreeRecipientInfo,

        kekri [2] KEKRecipientInfo,

        pwri [3] PasswordRecipientinfo   -- New RecipientInfo type

        }

   Although the recipient information generation process is described in

   terms of a password-based operation (since this will be its most

   common use), the transformation employed is a general-purpose key

   derivation one which allows any type of keying material to be

   converted into a key specific to a particular content-encryption

   algorithm.  Since the most common use for password-based encryption

   is to encrypt files which are stored locally (rather than being

   transmitted across a network), the term "recipient" is somewhat

   misleading, but is used here because the other key transport

   mechanisms have always been described in similar terms.

1.2.1  PasswordRecipientInfo Type

   Recipient information using a user-supplied password or previously

   agreed-upon key is represented in the type PasswordRecipientInfo.

   Each instance...