Technical Summary
This specification describes the use of HMAC in conjunction with the
SHA-256, SHA-384, and SHA-512 algorithms in IPsec. These algorithms
may be used as the basis for data origin authentication and integrity
verification mechanisms for the AH, ESP, IKEv1 and IKEv2 protocols,
and also as Pseudo-Random Functions (PRFs) for IKEv1 and IKEv2.
Truncated output lengths are specified for the authentication-related
variants. The PRF variants are not truncated.
Working Group Summary
This document is not the result of any IETF Working Group, but there
has been some discussion of the document on the IPsec mail list.
Protocol Quality
This document was reviewed by Russ Housley for the IESG.
Note to RFC Editor
Please change the status of the [SHA2-2] reference. This should
be an informative reference, not a normative reference.
The PRF using SHA-256 is referred to as "HMAC-SHA-PRF-256" and
"HMAC-SHA-256-PRF" and "PRF_HMAC_SHA2_256" in various places
in the document. Please refer to it as "PRF-HMAC-SHA-256"
everywhere.
The PRF using SHA-384 is referred to as "HMAC-SHA-PRF-384" and
"HMAC-SHA-384-PRF" and "PRF_HMAC_SHA2_384" in various places
in the document. Please refer to it as "PRF-HMAC-SHA-384"
everywhere.
The PRF using SHA-512 is referred to as "HMAC-SHA-PRF-512" and
"HMAC-SHA-512-PRF" and "PRF_HMAC_SHA2_512" in various places
in the document. Please refer to it as "PRF-HMAC-SHA-512"
everywhere.