The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com> Subject: Protocol Action: 'The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH' to Proposed Standard The IESG has approved the following document: - 'The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH ' <draft-mcgrew-aes-gmac-esp-03.txt> as a Proposed Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Russ Housley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-mcgrew-aes-gmac-esp-03.txt
Technical Summary AES-GMAC-ESP provides an ESP data origin authentication mechanism that is amenable to high speed implementation. Unlike all other ESP authentication mechanisms, it can be parallelized and can avoid pipeline stalls. It is designed so that the incremental cost of implementing it, given an implementation is AES-GCM-ESP (RFC4106), is small. Working Group Summary This draft is not the product of any working group; however, it has been reviewed by the Fibre Channel Security Protocols group in T11, which is considering its adoption. Protocol Quality There is a software prototype implementation of the specification. The document was brought to the attention of the CFRG, which raised no concerns. The document was brought to the attention of the IPsec mail list, which raised no concerns. This document was reviewed by Russ Housley for the IESG. Note to RFC Editor Please delete section 1.1 prior to publication. Please add the following paragraph at the end of Section 3.3 (after figure 3): The use of 32-bit sequence numbers vs. 64-bit extended sequence numbers is determined by the security association (SA) management protocol that is used to create the SA. For IKEv2 [RFC4306] this is negotiated via Transform Type 5, and the default for ESP is to use 64-bit extended sequence numbers in the absence of negotiation (e.g., see Section 2.2.1 of [RFC4303]).