The ESP Triple DES Transform (RFC1851)
Original Publication Date: 1995-Sep-01
Included in the Prior Art Database: 2000-Sep-13
Publishing Venue
Internet Society Requests For Comment (RFCs)
Related People
P. Karn: AUTHOR [+3]
Abstract
This document describes the Triple DES-CBC security transform for the IP Encapsulating Security Payload (ESP).
Network Working Group
Request for Comments: 1851
Category: Experimental
Authors: P. Karn (Qualcomm), P. Metzger (Piermont), W. Simpson (Daydreamer)
September 1995
The ESP Triple DES Transform
Status of this Memo
This document defines an Experimental Protocol for the Internet
community. This does not specify an Internet standard of any kind.
Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.
Abstract
This document describes the Triple DES-CBC security transform for the
IP Encapsulating Security Payload (ESP).
Table of Contents
1. Introduction
   1.1 Keys
   1.2 Initialization Vector
   1.3 Data Size
   1.4 Performance
2. Payload Format
3. Algorithm
   3.1 Encryption
   3.2 Decryption
SECURITY CONSIDERATIONS
ACKNOWLEDGEMENTS
REFERENCES
AUTHOR'S ADDRESS
1. Introduction
The Encapsulating Security Payload (ESP) [RFC-1827] provides
confidentiality for IP datagrams by encrypting the payload data to be
protected. This specification describes the ESP use of a variant of
the Cipher Block Chaining (CBC) mode of the US Data Encryption
Standard (DES) algorithm [FIPS-46, FIPS-46-1, FIPS-74, FIPS-81].
This variant, known as Triple DES (3DES), processes each block of the
plaintext three times, each time with a different key [Tuchman79].
This document assumes that the reader is familiar with the related
document "Security Architecture for the Internet Protocol"
[RFC-1825], which defines the overall security plan for IP, and provides
important background for this specification.
1.1. Keys
The secr...