Network Working Group                                           H.J. Lee
Request for Comments: 4162                                     J.H. Yoon
Category: Standards Track                                       J.I. Lee
                                                                    KISA
                                                             August 2005
        
Network Working Group                                           H.J. Lee
Request for Comments: 4162                                     J.H. Yoon
Category: Standards Track                                       J.I. Lee
                                                                    KISA
                                                             August 2005
        

Addition of SEED Cipher Suites to Transport Layer Security (TLS)

向传输层安全性(TLS)添加种子密码套件

Status of This Memo

关于下段备忘

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。

Copyright Notice

版权公告

Copyright (C) The Internet Society (2005).

版权所有(C)互联网协会(2005年)。

Abstract

摘要

This document proposes the addition of new cipher suites to the Transport Layer Security (TLS) protocol to support the SEED encryption algorithm as a bulk cipher algorithm.

本文档建议在传输层安全(TLS)协议中添加新的密码套件,以支持作为批量密码算法的种子加密算法。

1. Introduction
1. 介绍

This document proposes the addition of new cipher suites to the TLS protocol [TLS] to support the SEED encryption algorithm as a bulk cipher algorithm.

本文件建议在TLS协议[TLS]中添加新的密码套件,以支持作为批量密码算法的种子加密算法。

1.1. SEED
1.1. 种子

SEED is a symmetric encryption algorithm that was developed by Korea Information Security Agency (KISA) and a group of experts, beginning in 1998. The input/output block size of SEED is 128-bit and the key length is also 128-bit. SEED has the 16-round Feistel structure. A 128-bit input is divided into two 64-bit blocks and the right 64-bit block is an input to the round function with a 64-bit subkey generated from the key scheduling.

SEED是一种对称加密算法,由韩国信息安全局(KISA)和一组专家从1998年开始开发。种子的输入/输出块大小为128位,密钥长度也为128位。种子具有16个圆形的Feistel结构。128位输入被分为两个64位块,右64位块是round函数的输入,具有从密钥调度生成的64位子密钥。

SEED is easily implemented in various software and hardware because it is designed to increase the efficiency of memory storage and the simplicity of generating keys without degrading the security of the algorithm. In particular, it can be effectively adopted in a computing environment that has a restricted resources such as mobile devices, smart cards, and so on.

SEED易于在各种软件和硬件中实现,因为它旨在提高内存存储的效率和生成密钥的简单性,而不会降低算法的安全性。特别是,它可以有效地应用于资源受限的计算环境中,如移动设备、智能卡等。

SEED is a national industrial association standard [TTASSEED] and is widely used in South Korea for electronic commerce and financial services operated on wired & wireless PKI.

SEED是一项国家工业协会标准[TTASSEED],在韩国广泛用于基于有线和无线PKI的电子商务和金融服务。

The algorithm specification and object identifiers are described in [SEED-ALG]. The SEED homepage, http://www.kisa.or.kr/seed/seed_eng.html, contains a wealth of information about SEED, including detailed specification, evaluation report, test vectors, and so on.

算法规范和对象标识符在[SEED-ALG]中描述。种子主页,http://www.kisa.or.kr/seed/seed_eng.html,包含有关种子的丰富信息,包括详细的规格说明、评估报告、测试向量等。

1.2. Terminology
1.2. 术语

The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in uppercase, as shown) are to be interpreted as described in [RFC2119].

本文件中的关键词“必须”、“不得”、“必需”、“应该”、“不应该”、“建议”、“可以”和“可选”(大写,如图所示)应按照[RFC2119]中所述进行解释。

2. Proposed Cipher Suites
2. 建议的密码套件

The new cipher suites proposed here have the following definitions:

此处提出的新密码套件具有以下定义:

      CipherSuite TLS_RSA_WITH_SEED_CBC_SHA      = { 0x00, 0x96};
      CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA   = { 0x00, 0x97};
      CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA   = { 0x00, 0x98};
      CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA  = { 0x00, 0x99};
      CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA  = { 0x00, 0x9A};
      CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA  = { 0x00, 0x9B};
        
      CipherSuite TLS_RSA_WITH_SEED_CBC_SHA      = { 0x00, 0x96};
      CipherSuite TLS_DH_DSS_WITH_SEED_CBC_SHA   = { 0x00, 0x97};
      CipherSuite TLS_DH_RSA_WITH_SEED_CBC_SHA   = { 0x00, 0x98};
      CipherSuite TLS_DHE_DSS_WITH_SEED_CBC_SHA  = { 0x00, 0x99};
      CipherSuite TLS_DHE_RSA_WITH_SEED_CBC_SHA  = { 0x00, 0x9A};
      CipherSuite TLS_DH_anon_WITH_SEED_CBC_SHA  = { 0x00, 0x9B};
        
3. Cipher Suite Definitions
3. 密码套件定义
3.1. Cipher
3.1. 密码

All the cipher suites described here use SEED in cipher block chaining (CBC) mode as a bulk cipher algorithm. SEED is a 128-bit block cipher with 128-bit key size.

这里描述的所有密码套件都使用加密块链接(CBC)模式中的种子作为批量密码算法。SEED是一种128位的分组密码,密钥大小为128位。

3.2. Hash
3.2. 搞砸

All the cipher suites described here use SHA-1 [SHA-1] in an HMAC construction as described in section 5 of [TLS].

此处描述的所有密码套件在HMAC构造中使用SHA-1[SHA-1],如[TLS]第5节所述。

3.3. Key Exchange
3.3. 密钥交换

The cipher suites defined here differ in the type of certificate and key exchange method. They use the following options:

此处定义的密码套件在证书类型和密钥交换方法上有所不同。他们使用以下选项:

CipherSuite Key Exchange Algorithm

密码套件密钥交换算法

TLS_RSA_WITH_SEED_CBC_SHA RSA TLS_DH_DSS_WITH_SEED_CBC_SHA DH_DSS TLS_DH_RSA_WITH_SEED_CBC_SHA DH_RSA TLS_DHE_DSS_WITH_SEED_CBC_SHA DHE_DSS TLS_DHE_RSA_WITH_SEED_CBC_SHA DHE_RSA TLS_DH_anon_WITH_SEED_CBC_SHA DH_anon

带种子的TLS\U RSA\U CBC\U SHA RSA TLS\U DH\U DSS\U CBC\U SHA DH\U DSS\U TSE\U CBC\U SHA DH\U RSA\U RSA TLS\U CBC\U SHA DHE\U DSS\U CBC\U SHA DHE\U DSS\U DSS\U DHE\U RSA\U SEED\U CBC\U SHA DHE\U SHA DHE\U anon\U SEED\U CBC\U DH

For the meanings of the terms RSA, DH_DSS, DH_RSA, DHE_DSS, DHE_RSA, and DH_anon, please refer to sections 7.4.2 and 7.4.3 of [TLS].

有关术语RSA、DH_DSS、DH_RSA、DHE_DSS、DHE_RSA和DH_anon的含义,请参考[TLS]第7.4.2节和第7.4.3节。

4. Security Considerations
4. 安全考虑

It is not believed that the new cipher suites are less secure than the corresponding older ones. No security problem has been found on SEED. SEED is robust against known attacks, including differential cryptanalysis, linear cryptanalysis, and related key attacks, etc. SEED has gone through wide public scrutinizing procedures. Especially, it has been evaluated and also considered cryptographically secure by trustworthy organizations such as ISO/IEC JTC 1/SC 27 and Japan CRYPTREC (Cryptography Research and Evaluation Committees) [ISOSEED] [CRYPTREC]. SEED has been submitted to several other standardization bodies such as ISO (ISO/IEC 18033-3) and IETF S/MIME Mail Security [SEED-SMIME]; and it is under consideration. For further security considerations, the reader is encouraged to read [SEED-EVAL].

人们并不认为新的密码套件不如相应的旧密码套件安全。在SEED上未发现任何安全问题。SEED对已知的攻击具有鲁棒性,包括差分密码分析、线性密码分析和相关的密钥攻击等。SEED已经通过了广泛的公开审查程序。特别是,ISO/IEC JTC 1/SC 27和日本CRYPTREC(密码学研究和评估委员会)[ISOSEED][CRYPTREC]等值得信赖的组织对其进行了评估,并认为其在加密方面是安全的。SEED已提交给其他几个标准化机构,如ISO(ISO/IEC 18033-3)和IETF S/MIME邮件安全[SEED-SMIME];目前正在考虑。出于进一步的安全考虑,鼓励读者阅读[SEED-EVAL]。

For other security considerations, please refer to the security of the corresponding older cipher suites described in [TLS] and [AES-TLS].

有关其他安全注意事项,请参考[TLS]和[AES-TLS]中描述的相应旧密码套件的安全性。

5. References
5. 工具书类
5.1. Normative References
5.1. 规范性引用文件

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

[TLS] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC 2246, January 1999.

[TLS]Dierks,T.和C.Allen,“TLS协议版本1.0”,RFC 2246,1999年1月。

[TTASSEED] Telecommunications Technology Association (TTA), South Korea, "128-bit Symmetric Block Cipher (SEED)", TTAS.KO-12.0004, September 1998, (In Korean) http://www.tta.or.kr/English/new/main/index.htm.

[TTASSEED]韩国电信技术协会(TTA),“128位对称分组密码(SEED)”,TTAS.KO-12.00041998年9月,(韩文)http://www.tta.or.kr/English/new/main/index.htm.

5.2. Informative References
5.2. 资料性引用

[AES-TLS] Chown, P., "Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)", RFC 3268, June 2002.

[AES-TLS]Chown,P.,“用于传输层安全(TLS)的高级加密标准(AES)密码套件”,RFC 326822002年6月。

[CRYPTREC] Information-technology Promotion Agency (IPA), Japan, CRYPTREC. "SEED Evaluation Report", February 2002, http://www.kisa.or.kr/seed/seed_eng.html.

[CRYPTREC]信息技术促进机构(IPA),日本,CRYPTREC。“种子评估报告”,2002年2月,http://www.kisa.or.kr/seed/seed_eng.html.

[ISOSEED] ISO/IEC JTC 1/SC 27, "National Body contributions on NP 18033 'Encryption Algorithms' in Response to SC 27 N2563 (ATT.3 Korea Contribution)", ISO/IEC JTC 1/SC 27 N2656r1 (n2656_3.zip), October 2000.

[ISOSEED]ISO/IEC JTC 1/SC 27,“国家机构对NP 18033‘加密算法’的贡献,回应SC 27 N2563(附件3韩国贡献)”,ISO/IEC JTC 1/SC 27 N2656r1(n2656_3.zip),2000年10月。

[SEED-EVAL] KISA, "Self Evaluation Report", http://www.kisa.or.kr/seed/seed_eng.html.

[SEED-EVAL]KISA,“自我评估报告”,http://www.kisa.or.kr/seed/seed_eng.html.

[SEED-ALG] Park, J., Lee, S., Kim, J., and J. Lee, "The SEED Encryption Algorithm", RFC 4009, February 2005.

[SEED-ALG]Park,J.,Lee,S.,Kim,J.,和J.Lee,“种子加密算法”,RFC 4009,2005年2月。

[SEED-SMIME] Park, J., Lee, S., Kim, J., and J. Lee, "Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS)", RFC 4010, February 2005.

[SEED-SMIME]Park,J.,Lee,S.,Kim,J.,和J.Lee,“加密消息语法(CMS)中种子加密算法的使用”,RFC 4010,2005年2月。

[SHA-1] FIPS PUB 180-1, "Secure Hash Standard", National Institute of Standards and Technology, U.S. Department of Commerce, April 17, 1995.

[SHA-1]FIPS PUB 180-1,“安全哈希标准”,美国商务部国家标准与技术研究所,1995年4月17日。

Authors' Addresses

作者地址

Hyangjin Lee Korea Information Security Agency

韩国信息安全局

   Phone: +82-2-405-5446
   Fax  : +82-2-405-5319
   EMail: jiinii@kisa.or.kr
        
   Phone: +82-2-405-5446
   Fax  : +82-2-405-5319
   EMail: jiinii@kisa.or.kr
        

Jaeho Yoon Korea Information Security Agency

韩国信息安全局

   Phone: +82-2-405-5434
   Fax  : +82-2-405-5219
   EMail: jhyoon@kisa.or.kr
        
   Phone: +82-2-405-5434
   Fax  : +82-2-405-5219
   EMail: jhyoon@kisa.or.kr
        

Jaeil Lee Korea Information Security Agency

韩国信息安全局

   Phone: +82-2-405-5300
   Fax  : +82-2-405-5219
   EMail: jilee@kisa.or.kr
        
   Phone: +82-2-405-5300
   Fax  : +82-2-405-5219
   EMail: jilee@kisa.or.kr
        

Full Copyright Statement

完整版权声明

Copyright (C) The Internet Society (2005).

版权所有(C)互联网协会(2005年)。

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。

Intellectual Property

知识产权

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.

Acknowledgement

确认

Funding for the RFC Editor function is currently provided by the Internet Society.

RFC编辑功能的资金目前由互联网协会提供。