| draft-ietf-tls-camellia-04.txt | draft-ietf-tls-camellia-05.txt | |||
|---|---|---|---|---|
| INTERNET-DRAFT S. Moriai | INTERNET-DRAFT S. Moriai | |||
| TLS Working Group Sony Computer Entertainment Inc. | TLS Working Group Sony Computer Entertainment Inc. | |||
| Expiration Date: August 2004 A. Kato | Expiration Date: March 2005 A. Kato | |||
| NTT Software Corporation | NTT Software Corporation | |||
| M. Kanda | M. Kanda | |||
| Nippon Telegraph and Telephone Corporation | Nippon Telegraph and Telephone Corporation | |||
| February 2004 | October 2004 | |||
| Addition of Camellia Ciphersuites to Transport Layer Security (TLS) | Addition of Camellia Ciphersuites to Transport Layer Security (TLS) | |||
| <draft-ietf-tls-camellia-04.txt> | <draft-ietf-tls-camellia-05.txt> | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, I certify that any applicable | ||||
| patent or other IPR claims of which I am aware have been | ||||
| disclosed, and any of which I become aware will be disclosed, in | ||||
| accordance with RFC 3668. | ||||
| This document is an Internet-Draft and is in full conformance with | This document is an Internet-Draft and is in full conformance with | |||
| all provisions of Section 10 of RFC2026. | all provisions of Section 10 of RFC2026. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| Internet-Drafts are draft documents valid for a maximum of six | Internet-Drafts are draft documents valid for a maximum of six | |||
| months and may be updated, replaced, or obsoleted by other documents | months and may be updated, replaced, or obsoleted by other documents | |||
| skipping to change at page 2, line 17 | skipping to change at page 2, line 19 | |||
| Camellia was selected as a recommended cryptographic primitive by | Camellia was selected as a recommended cryptographic primitive by | |||
| the EU NESSIE (New European Schemes for Signatures, Integrity and | the EU NESSIE (New European Schemes for Signatures, Integrity and | |||
| Encryption) project [NESSIE] and included in the list of | Encryption) project [NESSIE] and included in the list of | |||
| cryptographic techniques for Japanese e-Government systems, which | cryptographic techniques for Japanese e-Government systems, which | |||
| were selected by the Japan CRYPTREC (Cryptography Research and | were selected by the Japan CRYPTREC (Cryptography Research and | |||
| Evaluation Committees) [CRYPTREC]. Camellia is also included in | Evaluation Committees) [CRYPTREC]. Camellia is also included in | |||
| specification of the TV-Anytime Forum [TV-ANYTIME]. The TV-Anytime | specification of the TV-Anytime Forum [TV-ANYTIME]. The TV-Anytime | |||
| Forum is an association of organizations that seeks to develop | Forum is an association of organizations that seeks to develop | |||
| specifications to enable audio-visual and other services based on | specifications to enable audio-visual and other services based on | |||
| mass-market high volume digital storage in consumer | mass-market high volume digital storage in consumer | |||
| platforms. Camellia is specified as Ciphersuite in TLS used by Phase | platforms. Camellia is specified as Ciphersuite in TLS used by | |||
| 1 S-7 (Bi-directional Metadata Delivery Protection) | Phase 1 S-7 (Bi-directional Metadata Delivery Protection) | |||
| specification. Camellia has been submitted to other several | specification and S-5 (TV-Anytime Rights Management and Protection | |||
| standardization bodies such as ISO (ISO/IEC 18033) and IETF S/MIME | Information for Broadcast Applications) specification. Camellia | |||
| Mail Security Working Group [Camellia-CMS]. | has been submitted to other several standardization bodies such as | |||
| ISO (ISO/IEC 18033) and IETF S/MIME Mail Security Working Group | ||||
| [Camellia-CMS]. | ||||
| Camellia supports 128-bit block size and 128-, 192-, and 256-bit key | Camellia supports 128-bit block size and 128-, 192-, and 256-bit key | |||
| sizes, i.e. the same interface specifications as the Advanced | sizes, i.e. the same interface specifications as the Advanced | |||
| Encryption Standard (AES) [AES]. | Encryption Standard (AES) [AES]. | |||
| Camellia was jointly developed by NTT and Mitsubishi Electric | Camellia was jointly developed by NTT and Mitsubishi Electric | |||
| Corporation in 2000. It was carefully designed to withstand all | Corporation in 2000. It was carefully designed to withstand all | |||
| known cryptanalytic attacks and even to have a sufficiently large | known cryptanalytic attacks and even to have a sufficiently large | |||
| security leeway. It has been scrutinized by worldwide | security leeway. It has been scrutinized by worldwide | |||
| cryptographic experts. | cryptographic experts. | |||
| skipping to change at page 2, line 43 | skipping to change at page 2, line 47 | |||
| Camellia was also designed to have suitability for both software | Camellia was also designed to have suitability for both software | |||
| and hardware implementations and to cover all possible encryption | and hardware implementations and to cover all possible encryption | |||
| applications that range from low-cost smart cards to high-speed | applications that range from low-cost smart cards to high-speed | |||
| network systems. Compared to the AES, Camellia offers at least | network systems. Compared to the AES, Camellia offers at least | |||
| comparable encryption speed in software and hardware. In | comparable encryption speed in software and hardware. In | |||
| addition, a distinguishing feature is its small hardware design. | addition, a distinguishing feature is its small hardware design. | |||
| Camellia perfectly meets one of the current TLS market | Camellia perfectly meets one of the current TLS market | |||
| requirements, where low power consumption is a mandatory | requirements, where low power consumption is a mandatory | |||
| condition. | condition. | |||
| The Camellia homepage, http://info.isl.ntt.co.jp/camellia/, | The algorithm specification and object identifiers are described | |||
| contains a wealth of information about camellia, including | in [Camellia-Desc]. The Camellia homepage, | |||
| detailed specification, security analysis, performance figures, | http://info.isl.ntt.co.jp/camellia/, contains a wealth of | |||
| reference implementation, test vectors, and intellectual property | information about camellia, including detailed specification, | |||
| information. | security analysis, performance figures, reference implementation, | |||
| test vectors, and intellectual property information. | ||||
| 1.2. Terminology | 1.2. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", | |||
| "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in uppercase, | "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in uppercase, | |||
| as shown) are to be interpreted as described in [RFC2119]. | as shown) are to be interpreted as described in [RFC2119]. | |||
| 2. Proposed Cipher Suites | 2. Proposed Cipher Suites | |||
| The new ciphersuites proposed here have the following definitions: | The new ciphersuites proposed here have the following definitions: | |||
| skipping to change at page 4, line 35 | skipping to change at page 4, line 42 | |||
| At the time of writing this document there are no known weak keys | At the time of writing this document there are no known weak keys | |||
| for Camellia. | for Camellia. | |||
| For other security considerations, please refer to the security | For other security considerations, please refer to the security | |||
| considerations of the corresponding older ciphersuites described | considerations of the corresponding older ciphersuites described | |||
| in [TLS] and [AES-TLS]. | in [TLS] and [AES-TLS]. | |||
| 5. Intellectual Property Rights | 5. Intellectual Property Rights | |||
| The IETF takes no position regarding the validity or scope of any | The IETF takes no position regarding the validity or scope of any | |||
| intellectual property or other rights that might be claimed to | Intellectual Property Rights or other rights that might be claimed | |||
| pertain to the implementation or use of the technology described | to pertain to the implementation or use of the technology | |||
| in this document or the extent to which any license under such | described in this document or the extent to which any license | |||
| rights might or might not be available; neither does it represent | under such rights might or might not be available; nor does it | |||
| that it has made any effort to identify any such rights. | represent that it has made any independent effort to identify any | |||
| Information on the IETF's procedures with respect to rights in | such rights. Information on the procedures with respect to rights | |||
| standards-track and standards-related documentation can be found | in RFC documents can be found in BCP 78 and BCP 79. | |||
| in BCP-11. Copies of claims of rights made available for | ||||
| publication and any assurances of licenses to be made available, | Copies of IPR disclosures made to the IETF Secretariat and any | |||
| or the result of an attempt made to obtain a general license or | assurances of licenses to be made available, or the result of an | |||
| permission for the use of such proprietary rights by implementors | attempt made to obtain a general license or permission for the use | |||
| or users of this specification can be obtained from the IETF | of such proprietary rights by implementers or users of this | |||
| Secretariat. | specification can be obtained from the IETF on-line IPR repository | |||
| at http://www.ietf.org/ipr. | ||||
| The IETF invites any interested party to bring to its attention | The IETF invites any interested party to bring to its attention | |||
| any copyrights, patents or patent applications, or other | any copyrights, patents or patent applications, or other | |||
| proprietary rights which may cover technology that may be required | proprietary rights that may cover technology that may be required | |||
| to practice this standard. Please address the information to the | to implement this standard. Please address the information to the | |||
| IETF Executive Director. | IETF at ietf-ipr@ietf.org. | |||
| The IETF has been notified of intellectual property rights | ||||
| claimed in regard to some or all of the specification contained in | ||||
| this document. For more information consult the online list of | ||||
| claimed rights. | ||||
| 6. References | 6. References | |||
| 6.1. Normative References | 6.1. Normative References | |||
| [CamelliaSpec] K. Aoki, T. Ichikawa, M. Kanda, M. Matsui, S. Moriai, | [Camellia-Desc] Matsui, M., Nakajima, J., Moriai, S., "A | |||
| J. Nakajima, and T. Tokita, "Specification of Camellia - a 128-bit | Description of the Camellia Encryption Algorithm", RFC3713, | |||
| Block Cipher". | April 2004. | |||
| http://info.isl.ntt.co.jp/camellia/CRYPTREC/2001/01espec.pdf. | ||||
| [TLS] T. Dierks, and C. Allen, "The TLS Protocol Version 1.0", RFC | [TLS] T. Dierks, and C. Allen, "The TLS Protocol Version 1.0", RFC | |||
| 2246, January 1999. | 2246, January 1999. | |||
| [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate | [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [CamelliaTech] K. Aoki, T. Ichikawa, M. Kanda, M. Matsui, S. Moriai, | [CamelliaTech] Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., | |||
| J. Nakajima, and T. Tokita, "Camellia: A 128-Bit Block Cipher | Moriai, S., Nakajima, J., and Tokita, T., "Camellia: A 128-Bit | |||
| Suitable for Multiple Platforms - Design and Analysis -", In | Block Cipher Suitable for Multiple Platforms - Design and | |||
| Selected Areas in Cryptography, 7th Annual International | Analysis -", In Selected Areas in Cryptography, 7th Annual | |||
| Workshop, SAC 2000, August 2000, Proceedings, Lecture Notes in | International Workshop, SAC 2000, August 2000, Proceedings, | |||
| Computer Science 2012, pp.39-56, Springer-Verlag, 2001. | Lecture Notes in Computer Science 2012, pp.39-56, | |||
| Springer-Verlag, 2001. | ||||
| [Camellia-CMS] S. Moriai and A. Kato, "Use of the Camellia | [Camellia-CMS] Moriai, S. and Kato, A., "Use of the Camellia | |||
| Encryption Algorithm in Cryptographic Message Syntax (CMS)", | Encryption Algorithm in CMS", January 2004, RFC3657. | |||
| RFC 3657, January 2004. | ||||
| [AES] NIST, FIPS PUB 197, "Advanced Encryption Standard (AES)", | [AES] NIST, FIPS PUB 197, "Advanced Encryption Standard (AES)", | |||
| November 2001. http://csrc.nist.gov/publications/fips/fips197/ | November 2001. http://csrc.nist.gov/publications/fips/fips197/ | |||
| fips-197.{ps,pdf}. | fips-197.{ps,pdf}. | |||
| [AES-TLS] P. Chown, "Advanced Encryption Standard (AES) | [AES-TLS] P. Chown, "Advanced Encryption Standard (AES) | |||
| Ciphersuites for Transport Layer Security (TLS)", RFC 3268, | Ciphersuites for Transport Layer Security (TLS)", RFC 3268, | |||
| June 2002. | June 2002. | |||
| [SHA-1] FIPS PUB 180-1, "Secure Hash Standard", National Institute | [SHA-1] FIPS PUB 180-1, "Secure Hash Standard", National Institute | |||
| skipping to change at page 6, line 5 | skipping to change at page 5, line 57 | |||
| [CRYPTREC] Information-technology Promotion Agency (IPA), Japan, | [CRYPTREC] Information-technology Promotion Agency (IPA), Japan, | |||
| CRYPTREC. http://www.ipa.go.jp/security/enc/CRYPTREC/index-e.html. | CRYPTREC. http://www.ipa.go.jp/security/enc/CRYPTREC/index-e.html. | |||
| [NESSIE] The NESSIE project (New European Schemes for Signatures, | [NESSIE] The NESSIE project (New European Schemes for Signatures, | |||
| Integrity and Encryption), | Integrity and Encryption), | |||
| http://www.cosic.esat.kuleuven.ac.be/nessie/. | http://www.cosic.esat.kuleuven.ac.be/nessie/. | |||
| [TV-ANYTIME] TV-Anytime Forum, http://www.tv-anytime.org/. | [TV-ANYTIME] TV-Anytime Forum, http://www.tv-anytime.org/. | |||
| 7. Full Copyright Statement | ||||
| Copyright (C) The Internet Society (2004). This document is | ||||
| subject to the rights, licenses and restrictions contained in BCP | ||||
| 78 and except as set forth therein, the authors retain all their | ||||
| rights. | ||||
| This document and the information contained herein are provided on | ||||
| an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE | ||||
| REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND | ||||
| THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, | ||||
| EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT | ||||
| THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR | ||||
| ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A | ||||
| PARTICULAR PURPOSE. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Shiho Moriai | Shiho Moriai | |||
| Sony Computer Entertainment Inc. | Sony Computer Entertainment Inc. | |||
| Phone: +81-3-6438-7523 | Phone: +81-3-6438-7523 | |||
| Fax: +81-3-6438-8629 | Fax: +81-3-6438-8629 | |||
| Email: camellia@isl.ntt.co.jp (Camellia team) | Email: camellia@isl.ntt.co.jp (Camellia team) | |||
| shiho@rd.scei.sony.co.jp (Shiho Moriai) | shiho "at" rd.scei.sony.co.jp (Shiho Moriai) | |||
| Akihiro Kato | Akihiro Kato | |||
| NTT Software Corporation | NTT Software Corporation | |||
| Phone: +81-45-212-7934 | Phone: +81-45-212-7934 | |||
| Fax: +81-45-212-9800 | Fax: +81-45-212-9800 | |||
| Email: akato@po.ntts.co.jp | Email: akato@po.ntts.co.jp | |||
| Masayuki Kanda | Masayuki Kanda | |||
| Nippon Telegraph and Telephone Corporation | Nippon Telegraph and Telephone Corporation | |||
| Phone: +81-46-859-2437 | Phone: +81-46-859-2437 | |||
| End of changes. | ||||
This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ | ||||