Browse Prior Art Database

The AES-CBC Cipher Algorithm and Its Use with IPsec (RFC3602)

IP.com Disclosure Number: IPCOM000019628D
Original Publication Date: 2003-Sep-01
Included in the Prior Art Database: 2003-Sep-24
Document File: 16 page(s) / 30K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Frankel: AUTHOR [+3]

Abstract

This document describes the use of the Advanced Encryption Standard (AES) Cipher Algorithm in Cipher Block Chaining (CBC) Mode, with an explicit Initialization Vector (IV), as a confidentiality mechanism within the context of the IPsec Encapsulating Security Payload (ESP).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 12% of the total text.

Network Working Group S. Frankel

Request for Comments: 3602 R. Glenn

Category: Standards Track NIST

S. Kelly

Airespace

September 2003

The AES-CBC Cipher Algorithm and Its Use with IPsec

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2003). All Rights Reserved.

Abstract

This document describes the use of the Advanced Encryption Standard

(AES) Cipher Algorithm in Cipher Block Chaining (CBC) Mode, with an

explicit Initialization Vector (IV), as a confidentiality mechanism

within the context of the IPsec Encapsulating Security Payload (ESP).

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2

1.1. Specification of Requirements. . . . . . . . . . . . . . 3

2. The AES Cipher Algorithm . . . . . . . . . . . . . . . . . . . 3

2.1. Mode . . . . . . . . . . . . . . . . . . . . . . . . . . 3

2.2. Key Size and Number of Rounds. . . . . . . . . . . . . . 4

2.3. Weak Keys. . . . . . . . . . . . . . . . . . . . . . . . 4

2.4. Block Size and Padding . . . . . . . . . . . . . . . . . 4

2.5. Additional Information . . . . . . . . . . . . . . . . . 4

2.6. Performance. . . . . . . . . . . . . . . . . . . . . . . 5

3. ESP Payload . . . . . . . . . . . . . . . . . . . . . . . . . 5

3.1. ESP Algorithmic Interactions . . . . . . . . . . . . . . 6

3.2. Keying Material. . . . . . . . . . . . . . . . . . . . . 6

4. Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . . 6

5. IKE Interactions . . . . . . . . . . . . . . . . . . . . . . . 10

5.1. Phase 1 Identifier . . . . . . . . . . . . . . . . . . . 10

5.2. Phase 2 Identifier . . . . . . . . . . . . . . . . . . . 10

5.3. Key Length Attribute . . . . . . . . . . . . . . . . . . 10

Frankel, et al. Standards Track [Page 1]

RFC 3602 AES-CBC Cipher Algorithm Use with IPsec September 2003

5.4. Hash Algorithm Considerations. . . . . . . . . . . . . . 10

6. Security Considerations . . . . . . . . . . . . . . . . . . . 11

7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11

8. Intellectual Property Rights Statement . . . . . . . . . . . . 11

9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 12

9.1. Normative References . . . . . . . . . . . . . . . . . . 12

9.2. Informative References . . . . . . . . . . . . . . . . . 12

10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 13

11. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 14

12. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 15

1. Introduction

As the culmination of a four-year competitive process, NIST (the

National Institute of Standards and Technology) has selected the AES

(Advanced Encryption Standar...