Browse Prior Art Database

Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP) (RFC4309)

IP.com Disclosure Number: IPCOM000132543D
Original Publication Date: 2005-Dec-01
Included in the Prior Art Database: 2005-Dec-21
Document File: 14 page(s) / 29K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

R. Housley: AUTHOR

Abstract

This document describes the use of Advanced Encryption Standard (AES) in Counter with CBC-MAC (CCM) Mode, with an explicit initialization vector (IV), as an IPsec Encapsulating Security Payload (ESP) mechanism to provide confidentiality, data origin authentication, and connectionless integrity.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 9% of the total text.

Network Working Group                                         R. Housley
Request for Comments: 4309                                Vigil Security
Category: Standards Track                                  December 2005


           Using Advanced Encryption Standard (AES) CCM Mode
            with IPsec Encapsulating Security Payload (ESP)

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document describes the use of Advanced Encryption Standard (AES)
   in Counter with CBC-MAC (CCM) Mode, with an explicit initialization
   vector (IV), as an IPsec Encapsulating Security Payload (ESP)
   mechanism to provide confidentiality, data origin authentication, and
   connectionless integrity.

Table of Contents

   1. Introduction ....................................................2
      1.1. Conventions Used in This Document ..........................2
   2. AES CCM Mode ....................................................2
   3. ESP Payload .....................................................4
      3.1. Initialization Vector (IV) .................................4
      3.2. Encrypted Payload ..........................................4
      3.3. Authentication Data ........................................5
   4. Nonce Format ....................................................5
   5. AAD Construction ................................................6
   6. Packet Expansion ................................................7
   7. IKE Conventions .................................................7
      7.1. Keying Material and Salt Values ............................7
      7.2. Phase 1 Identifier .........................................8
      7.3. Phase 2 Identifier .........................................8
      7.4. Key Length Attribute .......................................8
   8. Test Vectors ....................................................8
   9. Security Considerations .........................................8
   10. Design Rationale ...............................................9

Housley                     Standards Track                     [Page 1]
RFC 4309           Using AEC CCM Mode with IPsec ESP       December 2005


   11. IANA Considerations ...........................................11
   12. Acknowledgements ..............................................11
   13...