draft-ietf-lamps-cms-aes-gmac-alg-00.txt | draft-ietf-lamps-cms-aes-gmac-alg-01.txt | |||
---|---|---|---|---|
Network Working Group R. Housley | Network Working Group R. Housley | |||
Internet-Draft Vigil Security | Internet-Draft Vigil Security | |||
Intended status: Standards Track 2 December 2020 | Intended status: Standards Track 23 December 2020 | |||
Expires: 5 June 2021 | Expires: 26 June 2021 | |||
Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) | Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) | |||
draft-ietf-lamps-cms-aes-gmac-alg-00 | draft-ietf-lamps-cms-aes-gmac-alg-01 | |||
Abstract | Abstract | |||
This document specifies the conventions for using the AES-GMAC | This document specifies the conventions for using the AES-GMAC | |||
Message Authentication Code algorithms with the Cryptographic Message | Message Authentication Code algorithms with the Cryptographic Message | |||
Syntax (CMS) as specified in RFC 5652. | Syntax (CMS) as specified in RFC 5652. | |||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
skipping to change at page 1, line 32 ¶ | skipping to change at page 1, line 32 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on 5 June 2021. | This Internet-Draft will expire on 26 June 2021. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
skipping to change at page 3, line 24 ¶ | skipping to change at page 3, line 24 ¶ | |||
For all three of these algorithm identifier values, the | For all three of these algorithm identifier values, the | |||
AlgorithmIdentifier parameters field MUST be present, and the | AlgorithmIdentifier parameters field MUST be present, and the | |||
parameters MUST contain GMACParameters: | parameters MUST contain GMACParameters: | |||
GMACParameters ::= SEQUENCE { | GMACParameters ::= SEQUENCE { | |||
nonce OCTET STRING, -- recommended size is 12 octets | nonce OCTET STRING, -- recommended size is 12 octets | |||
length MACLength DEFAULT 12 } | length MACLength DEFAULT 12 } | |||
MACLength ::= INTEGER (12 | 13 | 14 | 15 | 16) | MACLength ::= INTEGER (12 | 13 | 14 | 15 | 16) | |||
The GMACParameters nonce parameter is the GMAC initialization vector. | The GMACParameters nonce field is the GMAC initialization vector. | |||
The nonce may have any number of bits between 8 and 2^64, but it MUST | The nonce may have any number of bits between 8 and 2^64, but it MUST | |||
be a multiple of 8 bits. Within the scope of any content- | be a multiple of 8 bits. Within the scope of any content- | |||
authentication key, the nonce value MUST be unique. A nonce value of | authentication key, the nonce value MUST be unique. A nonce value of | |||
12 octets can be processed more efficiently, so that length for the | 12 octets can be processed more efficiently, so that length for the | |||
nonce value is RECOMMENDED. | nonce value is RECOMMENDED. | |||
The GMACParameters length parameter field tells the size of the | The GMACParameters length field field tells the size of the message | |||
message authentication code. It MUST match the size in octets of the | authentication code. It MUST match the size in octets of the value | |||
value in the AuthenticatedData mac field. A length of 12 octets is | in the AuthenticatedData mac field. A length of 12 octets is | |||
RECOMMENDED. | RECOMMENDED. | |||
4. Implementation Considerations | 4. Implementation Considerations | |||
An implementation of the Advanced Encryption Standard (AES) Galois/ | An implementation of the Advanced Encryption Standard (AES) Galois/ | |||
Counter Mode (GCM) authenticated encryption algorithm is specified in | Counter Mode (GCM) authenticated encryption algorithm is specified in | |||
[GCM]. An implementation of AES-GCM can be used to compute the GMAC | [GCM]. An implementation of AES-GCM can be used to compute the GMAC | |||
message authentication code by providing the content-authentication | message authentication code by providing the content-authentication | |||
key as the AES key, the nonce as the initialization vector, a zero- | key as the AES key, the nonce as the initialization vector, a zero- | |||
length plaintext content, and the content to be authenticated as the | length plaintext content, and the content to be authenticated as the | |||
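Review bot: In the -01 column, the GMACParameters length paragraph now reads "The GMACParameters length field field tells the size"; the edit that replaced "parameter" with "field" left the word doubled. It should read "The GMACParameters length field tells the size of the message authentication code", which would match the "nonce field" wording that the same hunk introduces in the preceding paragraph.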
End of changes. 5 change blocks. | ||||
8 lines changed or deleted | 8 lines changed or added | |||