[Docs] [txt|pdf|xml|html] [Tracker] [Email] [Nits]

Versions: 00

Host Identity Protocol                                      O. Ponomarev
Internet-Draft                        Helsinki Institute for Information
Intended status: Experimental                                 Technology
Expires: April 22, 2010                                 October 19, 2009


          Additional Key Algorithms for Host Identity Protocol
                       draft-ponomarev-hip-ecc-00

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on April 22, 2010.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.









Ponomarev                Expires April 22, 2010                 [Page 1]


Internet-Draft                   ECC HIP                    October 2009


Abstract

   This document specifies how to use Elliptic Curve Cryptography (ECC)
   public-key algorithms in the Host Identity Protocol (HIP)


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . 3
   2.  Additions to Host Identity Protocol . . . . . . . . . . . . . . 4
     2.1.  DIFFIE_HELLMAN  . . . . . . . . . . . . . . . . . . . . . . 4
     2.2.  HOST_ID . . . . . . . . . . . . . . . . . . . . . . . . . . 4
   3.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
   4.  Security Considerations . . . . . . . . . . . . . . . . . . . . 6
   5.  Normative References  . . . . . . . . . . . . . . . . . . . . . 7
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . . . 8



































Ponomarev                Expires April 22, 2010                 [Page 2]


Internet-Draft                   ECC HIP                    October 2009


1.  Introduction

   Elliptic Curve Cryptography (ECC) is an approach to public-key
   cryptography offering equivalent security with smaller key sizes than
   RSA or DSA [nist-key-management].  The smaller keys result in less
   computational costs and therefore better performance for HIP
   [RFC4423].  Its reduced power consumption is also important for
   mobile devices.

    Symmetric  |   ECC   |  DH/DSA/RSA
   ------------+---------+-------------
        80     |   160   |     1024
       112     |   224   |     2048
       128     |   256   |     3072
       192     |   384   |     7680
       256     |   512   |    15360

                  Table 1: Comparable Key Sizes (in bits)

   This document describes additions to HIP to support ECC, applicable
   to RFC5201 [RFC5201].  ECC keys may be used both as Host Identity to
   authenticate the hosts and in the Diffie-Hellman key exchange to
   generate a piece of keying material.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119[RFC2119].
























Ponomarev                Expires April 22, 2010                 [Page 3]


Internet-Draft                   ECC HIP                    October 2009


2.  Additions to Host Identity Protocol

2.1.  DIFFIE_HELLMAN

   The following additional Group IDs MAY be used:

   NAME (NIST)                      |   NAME (SECG)  | Value
   ---------------------------------+----------------+-------
   192-bit Random ECP Group         |    secp192r1   |  7
   224-bit Random ECP Group         |    secp224r1   |  8
   256-bit Random ECP Group         |    secp256r1   |  9
   384-bit Random ECP Group         |    secp384r1   | 10
   521-bit Random ECP Group         |    secp521r1   | 11

   The groups are defined in RFC 5114 [RFC5114].

2.2.  HOST_ID

   The following additional algorithm MAY be supported by the Host
   Identity Protocol Implementations

           Algorithms       Values
   ------------------------------------------------------
            ECC              4 (OPTIONAL)



























Ponomarev                Expires April 22, 2010                 [Page 4]


Internet-Draft                   ECC HIP                    October 2009


3.  IANA Considerations

   This section will be added later on.
















































Ponomarev                Expires April 22, 2010                 [Page 5]


Internet-Draft                   ECC HIP                    October 2009


4.  Security Considerations

   This section will be added later on.
















































Ponomarev                Expires April 22, 2010                 [Page 6]


Internet-Draft                   ECC HIP                    October 2009


5.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4423]  Moskowitz, R. and P. Nikander, "Host Identity Protocol
              (HIP) Architecture", RFC 4423, May 2006.

   [RFC5114]  Lepinski, M. and S. Kent, "Additional Diffie-Hellman
              Groups for Use with IETF Standards", RFC 5114,
              January 2008.

   [RFC5201]  Moskowitz, R., Nikander, P., Jokela, P., and T. Henderson,
              "Host Identity Protocol", RFC 5201, April 2008.

   [nist-key-management]
              "NIST SP 800-57, Recommendation for Key Management -- Part
              1: General (Revised)", May 2006, <http://csrc.nist.gov/
              publications/nistpubs/800-57/SP800-57-Part1.pdf}>.
































Ponomarev                Expires April 22, 2010                 [Page 7]


Internet-Draft                   ECC HIP                    October 2009


Author's Address

   Oleg Ponomarev
   Helsinki Institute for Information Technology
   HIIT, PO Box 9800
   TKK  FIN-02015
   Finland

   Email: oleg.ponomarev@hiit.fi










































Ponomarev                Expires April 22, 2010                 [Page 8]


Html markup produced by rfcmarkup 1.129c, available from https://tools.ietf.org/tools/rfcmarkup/