Browse Prior Art Database

The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP) (RFC4106)

IP.com Disclosure Number: IPCOM000125673D
Original Publication Date: 2005-Jun-01
Included in the Prior Art Database: 2005-Jun-11
Document File: 12 page(s) / 23K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Viega: AUTHOR [+2]

Abstract

This memo describes the use of the Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM) as an IPsec Encapsulating Security Payload (ESP) mechanism to provide confidentiality and data origin authentication. This method can be efficiently implemented in hardware for speeds of 10 gigabits per second and above, and is also well-suited to software implementations.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 11% of the total text.

Network Working Group                                           J. Viega
Request for Comments: 4106                         Secure Software, Inc.
Category: Standards Track                                      D. McGrew
                                                     Cisco Systems, Inc.
                                                               June 2005


                 The Use of Galois/Counter Mode (GCM)
             in IPsec Encapsulating Security Payload (ESP)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This memo describes the use of the Advanced Encryption Standard (AES)
   in Galois/Counter Mode (GCM) as an IPsec Encapsulating Security
   Payload (ESP) mechanism to provide confidentiality and data origin
   authentication.  This method can be efficiently implemented in
   hardware for speeds of 10 gigabits per second and above, and is also
   well-suited to software implementations.

Table of Contents

   1. Introduction ....................................................2
      1.1. Conventions Used in This Document ..........................2
   2. AES-GCM .........................................................3
   3. ESP Payload Data ................................................3
      3.1. Initialization Vector (IV) .................................3
      3.2. Ciphertext .................................................4
   4. Nonce Format ....................................................4
   5. AAD Construction ................................................5
   6. Integrity Check Value (ICV) .....................................5
   7. Packet Expansion ................................................6
   8. IKE Conventions .................................................6
      8.1. Keying Material and Salt Values ............................6
      8.2. Phase 1 Identifier .........................................6
      8.3. Phase 2 Identifier .........................................7
      8.4. Key Length Attribute .......................................7

Viega & McGrew              Standards Track                     [Page 1]
RFC 4106                        GCM ESP                        June 2005


   9. Test Vectors...