The ESP DES-CBC Cipher Algorithm With Explicit IV (RFC2405)
Original Publication Date: 1998-Nov-01
Included in the Prior Art Database: 2019-Feb-11
Internet Society Requests For Comment (RFCs)
C. Madson: AUTHOR [+1]
This document describes the use of the DES Cipher algorithm in Cipher Block Chaining Mode, with an explicit IV, as a confidentiality mechanism within the context of the IPSec Encapsulating Security Payload (ESP). [STANDARDS-TRACK]
Network Working Group C. Madson Request for Comments: 2405 Cisco Systems, Inc. Category: Standards Track N. Doraswamy Bay Networks, Inc. November 1998
The ESP DES-CBC Cipher Algorithm With Explicit IV
Status of this Memo
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright (C) The Internet Society (1998). All Rights Reserved.
This document describes the use of the DES Cipher algorithm in Cipher Block Chaining Mode, with an explicit IV, as a confidentiality mechanism within the context of the IPSec Encapsulating Security Payload (ESP).
This document describes the use of the DES Cipher algorithm in Cipher Block Chaining Mode as a confidentiality mechanism within the context of the Encapsulating Security Payload.
DES is a symmetric block cipher algorithm. The algorithm is described in [FIPS-46-2][FIPS-74][FIPS-81]. [Schneier96] provides a general description of Cipher Block Chaining Mode, a mode which is applicable to several encryption algorithms.
As specified in this memo, DES-CBC is not an authentication mechanism. [Although DES-MAC, described in [Schneier96] amongst other places, does provide authentication, DES-MAC is not discussed here.]
For further information on how the various pieces of ESP fit together to provide security services, refer to [ESP] and [road].
Madson & Doraswamy Standards Track [Page 1]
RFC 2405 The ESP DES-CBC Cipher Algorithm November 1998
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC-2119].
2. Algorithm and Mode
DES-CBC is a symmetric secret-key block algorithm. It has a block size of 64 bits.
[FIPS-46-2][FIPS-74] and [FIPS-81] describe the DES algorithm, while [Schneier96] provides a good description of CBC mode.
Phil Karn has tuned DES-CBC software to achieve 10.45 Mbps with a 90 MHz Pentium, scaling to 15.9 Mbps with a 133 MHz Pentium. Other DES speed estimates may be found in [Schneier96].
3. ESP Payload
DES-CBC requires an explicit Initialization Vector (IV) of 8 octets (64 bits). This IV immediately precedes the protected (encrypted) payload. The IV MUST be a random value.
Including the IV in each datagram ensures that decryption of each received datagram can be performed, even when some datagrams are dropped, or datagrams are re-ordered in transit.
Common practice is to use random data for the first IV and the last 8 octets of encrypted data from an encryption process as the IV for the next encryption process; this logically extends the CBC across the packets. It also has the advantage of limiting the leak...