Browse Prior Art Database

Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP) (RFC3686)

IP.com Disclosure Number: IPCOM000021656D
Original Publication Date: 2004-Jan-01
Included in the Prior Art Database: 2004-Jan-30
Document File: 20 page(s) / 44K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

R. Housley: AUTHOR

Abstract

This document describes the use of Advanced Encryption Standard (AES) Counter Mode, with an explicit initialization vector, as an IPsec Encapsulating Security Payload (ESP) confidentiality mechanism.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 8% of the total text.

Network Working Group R. Housley

Request for Comments: 3686 Vigil Security

Category: Standards Track January 2004

Using Advanced Encryption Standard (AES) Counter Mode

With IPsec Encapsulating Security Payload (ESP)

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2004). All Rights Reserved.

Abstract

This document describes the use of Advanced Encryption Standard (AES)

Counter Mode, with an explicit initialization vector, as an IPsec

Encapsulating Security Payload (ESP) confidentiality mechanism.

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2

1.1. Conventions Used In This Document. . . . . . . . . . . . 2

2. AES Block Cipher . . . . . . . . . . . . . . . . . . . . . . . 2

2.1. Counter Mode . . . . . . . . . . . . . . . . . . . . . . 2

2.2. Key Size and Rounds. . . . . . . . . . . . . . . . . . . 5

2.3. Block Size . . . . . . . . . . . . . . . . . . . . . . . 5

3. ESP Payload. . . . . . . . . . . . . . . . . . . . . . . . . . 5

3.1. Initialization Vector. . . . . . . . . . . . . . . . . . 6

3.2. Encrypted Payload. . . . . . . . . . . . . . . . . . . . 6

3.3. Authentication Data. . . . . . . . . . . . . . . . . . . 6

4. Counter Block Format . . . . . . . . . . . . . . . . . . . . . 7

5. IKE Conventions. . . . . . . . . . . . . . . . . . . . . . . . 8

5.1. Keying Material and Nonces . . . . . . . . . . . . . . . 8

5.2. Phase 1 Identifier . . . . . . . . . . . . . . . . . . . 9

5.3. Phase 2 Identifier . . . . . . . . . . . . . . . . . . . 9

5.4. Key Length Attribute . . . . . . . . . . . . . . . . . . 9

6. Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . . 9

7. Security Considerations. . . . . . . . . . . . . . . . . . . . 12

8. Design Rationale . . . . . . . . . . . . . . . . . . . . . . . 14

9. IANA Considerations. . . . . . . . . . . . . . . . . . . . . . 16

Housley Standards Track [Page 1]

RFC 3686 Using AES Counter Mode With IPsec ESP January 2004

10. Intellectual Property Statement. . . . . . . . . . . . . . . . 16

11. Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . . 16

12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17

12.1. Normative References . . . . . . . . . . . . . . . . . . 17

12.2. Informative References . . . . . . . . . . . . . . . . . 17

13. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 18

14. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 19

1. Introduction

The National Institute of Standards and Technology (NIST) recently

selected the Advanced Encryption Standard (AES) [AES], also known as

Rijndael. The AES is a block cipher, and it can be used in many

differ...