Technical Summary
This document describes the use of the Camellia block cipher
algorithm in Cipher Block Chaining Mode, with an explicit IV,
as a confidentiality mechanism within the context of the IPsec
Encapsulating Security Payload (ESP).

Working Group Summary
This is an individual contribution, but it was reviewed by the
IPsec Working Group.

Protocol Quality
This document was reviewed by Russ Housley for the IESG.

RFC Editor Note
Please remove some of the marketing hype from the introductory
material. The goal is to preserve the facts, give credit to the
developers, but eliminate the marketing hype.

OLD:
Camellia was jointly developed by NTT and Mitsubishi Electric
Corporation in 2000. It was carefully designed to withstand all
known cryptanalytic attacks and even to have a sufficiently large
security leeway. It has been scrutinized by worldwide
cryptographic experts.

Camellia was also designed to have suitability for both software
and hardware implementations and to cover all possible encryption
applications that range from low-cost smart cards to high-speed
network systems. Compared to the AES, Camellia offers at least
comparable encryption speed in software and hardware. Camellia has a
Feistel structure, which is different from AES. It is rich for the
IPsec community that has block cipher in which was well verified by
the cryptographic expert with another structure. In addition, a
distinguishing feature is its small hardware design.

The Camellia homepage, http://info.isl.ntt.co.jp/camellia/,
contains a wealth of information about camellia, including
detailed specification, security analysis, performance figures,
reference implementation, test vectors, and intellectual property
information.

NEW:
Camellia is a symmetric cipher with a Feistel structure.
Camellia was jointly developed by NTT and Mitsubishi Electric
Corporation in 2000. It was designed to withstand all known
cryptanalytic attacks, and it has been scrutinized by
cryptographic experts. Camellia is suitable for implementation
in software and hardware, offering encryption speed in
software and hardware implementations that are comparable
to AES.

The Camellia homepage, http://info.isl.ntt.co.jp/camellia/,
contains a wealth of information about camellia, including
detailed specification, security analysis, performance figures,
reference implementation, test vectors, and intellectual property
information.

The last sentence in section 2.1 is irrelevant to this document.
Please delete it.

OLD:
For the use of CBC mode in ESP with 64-bit ciphers, please see [CBC].

The sentence deleted above is the only reference to [CBC]. Please
delete the [CBC] reference too.

OLD:
[CBC] Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher
Algorithms," RFC 2451, November 1998.

Please replace the [ESP] reference with the recently approved update,
which is already in the RFC Editor queue.

OLD:
[ESP] Kent, S. and R. Atkinson, "IP Encapsulating Security
Payload (ESP)", RFC 2406, November 1998.

NEW:
[ESP] Kent, S., "IP Encapsulating Security Payload (ESP)",
draft-ietf-ipsec-esp-v3-09.txt.