Browse Prior Art Database

Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) (RFC4305)

IP.com Disclosure Number: IPCOM000132539D
Original Publication Date: 2005-Dec-01
Included in the Prior Art Database: 2005-Dec-21
Document File: 10 page(s) / 18K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Eastlake 3rd: AUTHOR

Abstract

The IPsec series of protocols makes use of various cryptographic algorithms in order to provide security services. The Encapsulating Security Payload (ESP) and the Authentication Header (AH) provide two mechanisms for protecting data being sent over an IPsec Security Association (SA). To ensure interoperability between disparate implementations, it is necessary to specify a set of mandatory-to- implement algorithms to ensure that there is at least one algorithm that all implementations will have available. This document defines the current set of mandatory-to-implement algorithms for ESP and AH as well as specifying algorithms that should be implemented because they may be promoted to mandatory at some future time.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 15% of the total text.

Network Working Group                                    D. Eastlake 3rd
Request for Comments: 4305                         Motorola Laboratories
Obsoletes: 2404, 2406                                      December 2005
Category: Standards Track


        Cryptographic Algorithm Implementation Requirements for
  Encapsulating Security Payload (ESP) and Authentication Header (AH)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   The IPsec series of protocols makes use of various cryptographic
   algorithms in order to provide security services.  The Encapsulating
   Security Payload (ESP) and the Authentication Header (AH) provide two
   mechanisms for protecting data being sent over an IPsec Security
   Association (SA).  To ensure interoperability between disparate
   implementations, it is necessary to specify a set of mandatory-to-
   implement algorithms to ensure that there is at least one algorithm
   that all implementations will have available.  This document defines
   the current set of mandatory-to-implement algorithms for ESP and AH
   as well as specifying algorithms that should be implemented because
   they may be promoted to mandatory at some future time.

Eastlake                    Standards Track                     [Page 1]
RFC 4305         Cryptographic Algorithms for ESP & AH     December 2005


Table of Contents

   1. Introduction ....................................................2
   2. Requirements Terminology ........................................3
   3. Algorithm Selection .............................................3
      3.1. Encapsulating Security Payload .............................3
           3.1.1. ESP Encryption and Authentication Algorithms ........4
           3.1.2. ESP Combined Mode Algorithms ........................4
      3.2. Authentication Header ......................................5
   4. Security Considerations .........................................5
   5. Acknowledgement .................................................5
   6. Changes from RFC 2402 and 2406 ..................................6
   7. Normative References ............................................6
   8. Informative References ..........................................7

1.  Introduction

   The Encapsulating Security Payload (ESP) and the Authentication
   Header (AH) provide two mechanisms for ...