Internet Engineering Task Force (IETF) J. Jeong Request for Comments: 5748 H. Kim Category: Informational H. Jeong ISSN: 2070-1721 Y. Won Korea Internet & Security Agency August 2010
Internet Engineering Task Force (IETF) J. Jeong Request for Comments: 5748 H. Kim Category: Informational H. Jeong ISSN: 2070-1721 Y. Won Korea Internet & Security Agency August 2010
IANA Registry Update for Support of the SEED Cipher Algorithm in Multimedia Internet KEYing (MIKEY)
IANA注册表更新,支持多媒体互联网密钥(MIKEY)中的种子密码算法
Abstract
摘要
This document updates IANA registries to support the SEED block cipher algorithm for the Secure Real-time Transport Protocol (SRTP) and the secure Real-time Transport Control Protocol (SRTCP) in Multimedia Internet KEYing (MIKEY).
本文档更新IANA注册表,以支持多媒体互联网密钥(MIKEY)中安全实时传输协议(SRTP)和安全实时传输控制协议(SRTCP)的种子分组密码算法。
Status of This Memo
关于下段备忘
This document is not an Internet Standards Track specification; it is published for informational purposes.
本文件不是互联网标准跟踪规范;它是为了提供信息而发布的。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。并非IESG批准的所有文件都适用于任何级别的互联网标准;见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc5748.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc5748.
Copyright Notice
版权公告
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2010 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................2 1.1. SEED .......................................................2 2. Additions to MIKEY Payload ......................................2 2.1. Modified Table 6.10.1.b from RFC 3830 ......................3 2.2. Modified Table 6.10.1.d from RFC 3830 ......................3 3. Security Considerations .........................................3 4. IANA Considerations .............................................3 5. Acknowledgements ................................................3 6. References ......................................................4 6.1. Normative References .......................................4 6.2. Informative References .....................................4
1. Introduction ....................................................2 1.1. SEED .......................................................2 2. Additions to MIKEY Payload ......................................2 2.1. Modified Table 6.10.1.b from RFC 3830 ......................3 2.2. Modified Table 6.10.1.d from RFC 3830 ......................3 3. Security Considerations .........................................3 4. IANA Considerations .............................................3 5. Acknowledgements ................................................3 6. References ......................................................4 6.1. Normative References .......................................4 6.2. Informative References .....................................4
This document updates IANA registries to support the SEED [RFC4269] block cipher algorithm for the Secure Real-time Transport Protocol (SRTP) and the Secure Real-time Transport Control Protocol (SRTCP) [RFC3711] in Multimedia Internet KEYing (MIKEY) [RFC3830].
本文档更新IANA注册表,以支持多媒体互联网密钥(MIKEY)[RFC3830]中安全实时传输协议(SRTP)和安全实时传输控制协议(SRTCP)[RFC3711]的SEED[RFC4269]分组密码算法。
SEED is a 128-bit symmetric key block cipher that has been developed by KISA (Korea Information Security Agency) and a group of experts since 1998. The input/output block size of SEED is 128-bit, and the key length is also 128-bit. SEED has a 16-round Feistel structure.
SEED是一种128位对称密钥分组密码,由KISA(韩国信息安全局)和一组专家自1998年以来开发。种子的输入/输出块大小为128位,密钥长度也为128位。种子有16个圆形的Feistel结构。
SEED is a Korean National Industrial Association standard and is widely used in South Korea for electronic commerce and various security products such as firewalls, VPNs, and so on.
SEED是韩国国家工业协会标准,在韩国广泛用于电子商务和各种安全产品,如防火墙、VPN等。
This section specifies new code points for the MIKEY [RFC3830] payload to indicate the use of the SEED cipher algorithm for SRTP and SRTCP. There are three applicable modes of running SEED: SEED in Counter Mode (SEED-CTR), SEED in Counter with CBC-MAC Mode (SEED-CCM), and SEED in Galois/Counter Mode (SEED-GCM) Mode. These are defined in [RFC5669].
本节指定MIKEY[RFC3830]有效负载的新代码点,以指示对SRTP和SRTCP使用种子密码算法。运行SEED有三种适用模式:计数器模式下的SEED(SEED-CTR)、CBC-MAC模式下的计数器中的SEED(SEED-CCM)和Galois/计数器模式下的SEED(SEED-GCM)。这些在[RFC5669]中定义。
IANA has amended the sub-registry derived from Table 6.10.1.b of [RFC3830] as follows:
IANA已将源自[RFC3830]表6.10.1.b的子注册表修改如下:
SRTP encr alg | Value --------------------- NULL | 0 AES-CM | 1 AES-F8 | 2 SEED-CTR | 3 (NEW) SEED-CCM | 4 (NEW) SEED-GCM | 5 (NEW)
SRTP encr alg | Value --------------------- NULL | 0 AES-CM | 1 AES-F8 | 2 SEED-CTR | 3 (NEW) SEED-CCM | 4 (NEW) SEED-GCM | 5 (NEW)
Figure 1: Table 6.10.1.b from [RFC3830] (Revised)
图1:RFC3830中的表6.10.1.b(修订版)
IANA has amended the sub-registry derived from Table 6.10.1.d of [RFC3830] as follows:
IANA已将源自[RFC3830]表6.10.1.d的子注册表修改如下:
SRTP PRF | Value --------------------- AES-CM | 0 SEED-CTR | 1 (NEW)
SRTP PRF | Value --------------------- AES-CM | 0 SEED-CTR | 1 (NEW)
Figure 2: Table 6.10.1.d from [RFC3830] (Revised)
图2:RFC3830中的表6.10.1.d(修订版)
No security problem has been found on SEED. SEED is secure against all known attacks including differential cryptanalysis, linear cryptanalysis, and related key attacks. The only known attack is an exhaustive search for the key. For further security considerations, the reader is encouraged to read [SEED-EVAL].
在SEED上未发现任何安全问题。SEED对所有已知的攻击都是安全的,包括差分密码分析、线性密码分析和相关的密钥攻击。唯一已知的攻击是彻底搜索密钥。出于进一步的安全考虑,鼓励读者阅读[SEED-EVAL]。
IANA has amended the indicated sub-registries in Section 2 of the MIKEY [RFC3830] Payload Name registry according to Sections 2.1 and 2.2 above.
IANA已根据上述第2.1节和第2.2节修改了MIKEY[RFC3830]有效负载名称注册表第2节中指定的子注册表。
The authors would like to thank David McGrew, Spencer Dawkins, SangHwan Park, Brian Weis, and Tim Polk for their reviews and support.
作者要感谢David McGrew、Spencer Dawkins、SangHwan Park、Brian Weis和Tim Polk的评论和支持。
[RFC3711] Baugher, M., McGrew, D., Naslund, M., Carrara, E., and K. Norrman, "The Secure Real-time Transport Protocol (SRTP)", RFC 3711, March 2004.
[RFC3711]Baugher,M.,McGrew,D.,Naslund,M.,Carrara,E.,和K.Norrman,“安全实时传输协议(SRTP)”,RFC 37112004年3月。
[RFC3830] Arkko, J., Carrara, E., Lindholm, F., Naslund, M., and K. Norrman, "MIKEY: Multimedia Internet KEYing", RFC 3830, August 2004.
[RFC3830]Arkko,J.,Carrara,E.,Lindholm,F.,Naslund,M.,和K.Norrman,“米奇:多媒体互联网键控”,RFC 3830,2004年8月。
[RFC4269] Lee, H., Lee, S., Yoon, J., Cheon, D., and J. Lee, "The SEED Encryption Algorithm", RFC 4269, December 2005.
[RFC4269]Lee,H.,Lee,S.,Yoon,J.,Cheon,D.,和J.Lee,“种子加密算法”,RFC 4269,2005年12月。
[RFC5669] Yoon, S., Kim, J., Park, H., Jeong, H., and Y. Won, "The SEED Cipher Algorithm and Its Use with the Secure Real-Time Transport Protocol (SRTP)", RFC 5669, August 2010.
[RFC5669]Yoon,S.,Kim,J.,Park,H.,Jeong,H.,和Y.Won,“种子密码算法及其与安全实时传输协议(SRTP)的使用”,RFC 5669,2010年8月。
[SEED-EVAL] KISA, "Self Evaluation Report", http://seed.kisa.or.kr/eng/main.jsp
[SEED-EVAL] KISA, "Self Evaluation Report", http://seed.kisa.or.kr/eng/main.jsp
Authors' Addresses
作者地址
Seokung Yoon Korea Internet & Security Agency IT Venture Tower, Jungdaero 135, Songpa-gu Seoul, Korea 138-950 EMail: seokung@kisa.or.kr
Seokung Yoon韩国互联网与安全机构IT风险投资大厦,韩国首尔松巴谷正大路135号138-950电子邮件:seokung@kisa.or.kr
Jongil Jeong Korea Internet & Security Agency IT Venture Tower, Jungdaero 135, Songpa-gu Seoul, Korea 138-950 EMail: jijeong@kisa.or.kr
Jongil Jeong韩国互联网与安全机构IT风险投资大厦,韩国首尔松巴谷正大路135号138-950电子邮件:jijeong@kisa.or.kr
Hwankuk Kim Korea Internet & Security Agency IT Venture Tower, Jungdaero 135, Songpa-gu Seoul, Korea 138-950 EMail: rinyfeel@kisa.or.kr
Hwankuk Kim韩国互联网与安全机构IT风险投资大厦,韩国首尔松巴谷正大罗135号138-950电子邮件:rinyfeel@kisa.or.kr
Hyuncheol Jeong Korea Internet & Security Agency IT Venture Tower, Jungdaero 135, Songpa-gu Seoul, Korea 138-950 EMail: hcjung@kisa.or.kr
韩国首尔松巴谷正大路135号韩国互联网与安全局IT创业大厦Hyunchel Jeong 138-950电子邮件:hcjung@kisa.or.kr
Yoojae Won Korea Internet & Security Agency IT Venture Tower, Jungdaero 135, Songpa-gu Seoul, Korea 138-950 EMail: yjwon@kisa.or.kr
Yoojae-Won韩国互联网和安全机构IT风险投资大厦,韩国首尔松巴谷正大路135号138-950电子邮件:yjwon@kisa.or.kr