draft-ietf-lamps-cms-aes-gmac-alg-01.txt | draft-ietf-lamps-cms-aes-gmac-alg-02.txt | |||
---|---|---|---|---|
Network Working Group R. Housley | Network Working Group R. Housley | |||
Internet-Draft Vigil Security | Internet-Draft Vigil Security | |||
Intended status: Standards Track 23 December 2020 | Intended status: Standards Track 30 December 2020 | |||
Expires: 26 June 2021 | Expires: 3 July 2021 | |||
Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) | Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) | |||
draft-ietf-lamps-cms-aes-gmac-alg-01 | draft-ietf-lamps-cms-aes-gmac-alg-02 | |||
Abstract | Abstract | |||
This document specifies the conventions for using the AES-GMAC | This document specifies the conventions for using the AES-GMAC | |||
Message Authentication Code algorithms with the Cryptographic Message | Message Authentication Code algorithms with the Cryptographic Message | |||
Syntax (CMS) as specified in RFC 5652. | Syntax (CMS) as specified in RFC 5652. | |||
Status of This Memo | Status of This Memo | |||
This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
skipping to change at page 1, line 32 ¶ | skipping to change at page 1, line 32 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on 26 June 2021. | This Internet-Draft will expire on 3 July 2021. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2020 IETF Trust and the persons identified as the | Copyright (c) 2020 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
skipping to change at page 2, line 18 ¶ | skipping to change at page 2, line 18 ¶ | |||
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
3. Message Authentication Code Algorithms . . . . . . . . . . . 2 | 3. Message Authentication Code Algorithms . . . . . . . . . . . 2 | |||
3.1. AES-GMAC . . . . . . . . . . . . . . . . . . . . . . . . 2 | 3.1. AES-GMAC . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
4. Implementation Considerations . . . . . . . . . . . . . . . . 3 | 4. Implementation Considerations . . . . . . . . . . . . . . . . 3 | |||
5. ASN.1 Module . . . . . . . . . . . . . . . . . . . . . . . . 4 | 5. ASN.1 Module . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | |||
7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 5 | |||
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
8.1. Normative References . . . . . . . . . . . . . . . . . . 6 | 8.1. Normative References . . . . . . . . . . . . . . . . . . 6 | |||
8.2. Informative References . . . . . . . . . . . . . . . . . 6 | 8.2. Informative References . . . . . . . . . . . . . . . . . 6 | |||
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 6 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
1. Introduction | 1. Introduction | |||
This document specifies the conventions for using the AES-GMAC | This document specifies the conventions for using the AES-GMAC | |||
[AES][GCM] Message Authentication Code (MAC) algorithm with the | [AES][GCM] Message Authentication Code (MAC) algorithm with the | |||
Cryptographic Message Syntax (CMS) [RFC5652]. | Cryptographic Message Syntax (CMS) [RFC5652]. | |||
2. Terminology | 2. Terminology | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
skipping to change at page 4, line 5 ¶ | skipping to change at page 3, line 50 ¶ | |||
[GCM]. An implementation of AES-GCM can be used to compute the GMAC | [GCM]. An implementation of AES-GCM can be used to compute the GMAC | |||
message authentication code by providing the content-authentication | message authentication code by providing the content-authentication | |||
key as the AES key, the nonce as the initialization vector, a zero- | key as the AES key, the nonce as the initialization vector, a zero- | |||
length plaintext content, and the content to be authenticated as the | length plaintext content, and the content to be authenticated as the | |||
additional authenticated data (AAD). The result of the AES-GCM | additional authenticated data (AAD). The result of the AES-GCM | |||
invocation is the AES-GMAC authentication code, which is called the | invocation is the AES-GMAC authentication code, which is called the | |||
authentication tag in some implementations. In AES-GCM, the | authentication tag in some implementations. In AES-GCM, the | |||
encryption step is skipped when no input plaintext is provided, and | encryption step is skipped when no input plaintext is provided, and | |||
therefore, no ciphertext is produced. | therefore, no ciphertext is produced. | |||
The DEFAULT and RECOMMENDED values in GMACParameters were selected to | ||||
align with the parameters defined for AES-GCM in Section 3.2 of | ||||
[RFC5084]. | ||||
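The construction described in Section 4 above (GMAC computed with an AES-GCM implementation by passing the content-authentication key as the AES key, the nonce as the IV, a zero-length plaintext and the content as AAD, and taking the resulting tag as the MAC), as an added Go example that is not part of the draft. It uses only Go's standard crypto/aes and crypto/cipher packages. The 12-octet nonce, the 12-octet default tag length and the 12..16 octet tag range are assumptions made here to match the GMACParameters defaults the draft says are aligned with RFC 5084; the key, nonce and content values are constructed test inputs (the all-zero key and nonce with no content reproduces the NIST GCM test case with empty plaintext and empty AAD).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// Assumed here: nonce is 12 octets, tag length is 12..16 octets with 12 as the default.
const (
	gmacNonceSize     = 12
	gmacDefaultTagLen = 12
)

// AESGMAC computes AES-GMAC over content using a GCM implementation exactly as the
// draft describes: key as the AES key, nonce as the IV, no plaintext, content as AAD.
// Because the plaintext is empty, GCM skips the encryption step and Seal returns only
// the authentication tag, which is the GMAC value.
func AESGMAC(key, nonce, content []byte, tagLen int) ([]byte, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 octets (AES-128/192/256)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCMWithTagSize(block, tagLen) // rejects tagLen outside 12..16
	if err != nil {
		return nil, err
	}
	if len(nonce) != gcm.NonceSize() {
		return nil, fmt.Errorf("nonce must be %d octets, got %d", gcm.NonceSize(), len(nonce))
	}
	// A nonce must never be reused with the same key: a repeat leaks the GHASH
	// subkey and allows forgeries, so callers should generate it fresh per message.
	return gcm.Seal(nil, nonce, nil, content), nil
}

// VerifyAESGMAC checks a received tag by running GCM decryption with an empty
// ciphertext: Open performs the constant-time tag comparison for us and returns
// an error on mismatch, so no tag bytes are ever compared with ==.
func VerifyAESGMAC(key, nonce, content, tag []byte) error {
	block, err := aes.NewCipher(key)
	if err != nil {
		return err
	}
	gcm, err := cipher.NewGCMWithTagSize(block, len(tag)) // a tag shorter than 12 octets is refused here
	if err != nil {
		return fmt.Errorf("unsupported MAC length %d: %w", len(tag), err)
	}
	if len(nonce) != gcm.NonceSize() {
		return fmt.Errorf("nonce must be %d octets, got %d", gcm.NonceSize(), len(nonce))
	}
	if _, err := gcm.Open(nil, nonce, tag, content); err != nil {
		return errors.New("AES-GMAC verification failed")
	}
	return nil
}

func main() {
	key := make([]byte, 16) // constructed AES-128 content-authentication key (all zero for the demo)
	nonce := make([]byte, gmacNonceSize)
	if _, err := rand.Read(nonce); err != nil { // fresh random nonce per message
		panic(err)
	}
	content := []byte("constructed CMS content to be authenticated") // constructed sample input

	tag, err := AESGMAC(key, nonce, content, gmacDefaultTagLen)
	if err != nil {
		panic(err)
	}
	fmt.Println("nonce:", hex.EncodeToString(nonce))
	fmt.Println("gmac: ", hex.EncodeToString(tag))
	fmt.Println("verify ok:      ", VerifyAESGMAC(key, nonce, content, tag) == nil)
	fmt.Println("tampered fails: ", VerifyAESGMAC(key, nonce, []byte("Constructed CMS content"), tag) != nil)
}
```

The same two functions serve both the sender (AESGMAC) and the recipient (VerifyAESGMAC); the recipient never recomputes and compares the tag itself, it lets GCM's Open do the comparison, which keeps the check constant time and makes a truncated tag below the minimum length a hard error rather than a weaker check.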
5. ASN.1 Module | 5. ASN.1 Module | |||
The following ASN.1 module uses the definition for MAC-ALGORITHM from | The following ASN.1 module uses the definition for MAC-ALGORITHM from | |||
[RFC5912]. | [RFC5912]. | |||
CryptographicMessageSyntaxGMACAlgorithms | CryptographicMessageSyntaxGMACAlgorithms | |||
{ iso(1) member-body(2) us(840) rsadsi(113549) | { iso(1) member-body(2) us(840) rsadsi(113549) | |||
pkcs(1) pkcs-9(9) smime(16) modules(0) | pkcs(1) pkcs-9(9) smime(16) modules(0) | |||
id-mod-aes-gmac-alg-2020(TBD) } | id-mod-aes-gmac-alg-2020(TBD) } | |||
skipping to change at page 6, line 45 ¶ | skipping to change at page 6, line 45 ¶ | |||
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
May 2017, <https://www.rfc-editor.org/info/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
8.2. Informative References | 8.2. Informative References | |||
[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, | [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, | |||
"Randomness Requirements for Security", BCP 106, RFC 4086, | "Randomness Requirements for Security", BCP 106, RFC 4086, | |||
DOI 10.17487/RFC4086, June 2005, | DOI 10.17487/RFC4086, June 2005, | |||
<https://www.rfc-editor.org/info/rfc4086>. | <https://www.rfc-editor.org/info/rfc4086>. | |||
[RFC5084] Housley, R., "Using AES-CCM and AES-GCM Authenticated | ||||
Encryption in the Cryptographic Message Syntax (CMS)", | ||||
RFC 5084, DOI 10.17487/RFC5084, November 2007, | ||||
<https://www.rfc-editor.org/info/rfc5084>. | ||||
[RFC5912] Hoffman, P. and J. Schaad, "New ASN.1 Modules for the | [RFC5912] Hoffman, P. and J. Schaad, "New ASN.1 Modules for the | |||
Public Key Infrastructure Using X.509 (PKIX)", RFC 5912, | Public Key Infrastructure Using X.509 (PKIX)", RFC 5912, | |||
DOI 10.17487/RFC5912, June 2010, | DOI 10.17487/RFC5912, June 2010, | |||
<https://www.rfc-editor.org/info/rfc5912>. | <https://www.rfc-editor.org/info/rfc5912>. | |||
Author's Address | Author's Address | |||
Russ Housley | Russ Housley | |||
Vigil Security, LLC | Vigil Security, LLC | |||
516 Dranesville Road | 516 Dranesville Road | |||
Herndon, VA, 20170 | Herndon, VA, 20170 | |||
United States of America | United States of America | |||
Email: housley@vigilsec.com | Email: housley@vigilsec.com | |||
End of changes. 7 change blocks. | ||||
5 lines changed or deleted | 15 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |