Using Authenticated Encryption with Replay prOtection (AERO) in Datagram Transport Layer Security (DTLS)

Document Type Expired Internet-Draft (individual)
Last updated 2014-04-24 (latest revision 2013-10-21)
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Datagram Transport Layer Security (DTLS) is a communication security protocol that is attractive for use in constrained environments, in which it is important to minimize the data expansion added by the security protocol, and to support multicast security . Authenticated Encryption with Replay prOtection (AERO) is a cryptographic technique that is well suited for use in DTLS, especially in these scenarios: it has minimal data expansion, avoids the need to manage implicit state, works well with multiple receivers and multiple senders, and provides strong misuse resistance. This document describes how AERO can be used in DTLS.


David McGrew (
John Foley (
Joseph Salowey (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)