Camellia Counter Mode and Camellia Counter with CBC-MAC Mode Algorithms
RFC 5528
| Document | Type |
RFC - Informational
(April 2009; No errata)
Was draft-kato-camellia-ctrccm (individual in sec area)
|
|
|---|---|---|---|
| Authors | 加藤 明洋 , Masayuki Kanda , Satoru Kanno | ||
| Last updated | 2015-10-14 | ||
| Stream | Internent Engineering Task Force (IETF) | ||
| Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
| Reviews | |||
| Stream | WG state | (None) | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 5528 (Informational) | |
| Action Holders |
(None)
|
||
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Tim Polk | ||
| Send notices to | (None) | ||
Network Working Group A. Kato
Request for Comments: 5528 NTT Software Corporation
Category: Informational M. Kanda
NTT
S. Kanno
NTT Software Corporation
April 2009
Camellia Counter Mode and Camellia Counter with CBC-MAC Mode Algorithms
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document.
Abstract
This document describes the algorithms and presents test vectors for
the Camellia block cipher algorithm in Counter mode (CTR) and Counter
with Cipher Block Chaining MAC mode (CCM). The purpose of this
document is to make the Camellia-CTR and Camellia-CCM algorithm
conveniently available to the Internet Community.
Kato, et al. Informational [Page 1]
RFC 5528 Camellia-CTR and Camellia-CCM algorithms April 2009
Table of Contents
1. Introduction ....................................................2
1.1. Terminology ................................................3
2. The Camellia Cipher Algorithm ...................................3
2.1. Key Size ...................................................3
2.2. Weak Keys ..................................................3
2.3. Block Size and Padding .....................................3
2.4. Performance ................................................4
3. Modes of Operation ..............................................4
4. Test Vectors ....................................................4
4.1. Camellia-CTR ...............................................4
4.2. Camellia-CCM ...............................................7
5. Security Considerations ........................................20
6. Acknowledgments ................................................20
7. References .....................................................20
7.1. Normative References ......................................20
7.2. Informative References ....................................20
1. Introduction
This document describes the use of the Camellia block cipher
algorithm in Counter (CTR) mode and Counter with CBC-MAC (CCM) mode.
Camellia is a symmetric cipher with a Feistel structure. Camellia
was developed jointly by NTT and Mitsubishi Electric Corporation in
2000. It was designed to withstand all known cryptanalytic attacks,
and it has been scrutinized by worldwide cryptographic experts.
Camellia is suitable for implementation in software and hardware,
offering encryption speed in software and hardware implementations
that is comparable to Advanced Encryption Standard (AES) [5].
Camellia supports 128-bit block size and 128-, 192-, and 256-bit key
lengths, i.e., the same interface specifications as the AES.
Therefore, it is easy to implement Camellia-based algorithms by
replacing the AES block of AES-based algorithms with a Camellia
block.
Camellia already has been adopted by the IETF and other international
standardization organizations; in particular, the IETF has published
specifications for the use of Camellia with IPsec [6], TLS [7],
Secure/Multipurpose Internet Mail Extensions (S/MIME) [8], and XML
Securiy [9]. Camellia is one of the three ISO/IEC international
standard [10] 128-bit block ciphers (Camellia, AES, and Super
Effective and Efficient Delivery (SEED)). Camellia was selected as a
recommended cryptographic primitive by the EU NESSIE (New European
Schemes for Signatures, Integrity and Encryption) project [11] and
Kato, et al. Informational [Page 2]
RFC 5528 Camellia-CTR and Camellia-CCM algorithms April 2009
was included in the list of cryptographic techniques for Japanese
e-Government systems that was selected by the Japanese CRYPTREC
(Cryptography Research and Evaluation Committees) [12].
Since optimized source code is provided under several open source
licenses [13], Camellia has also been adopted by several open source
projects (OpenSSL, FreeBSD, Linux, and Firefox).
Show full document text