Camellia Counter Mode and Camellia Counter with CBC-MAC Mode Algorithms
RFC 5528
Document | Type |
RFC - Informational
(April 2009; No errata)
Was draft-kato-camellia-ctrccm (individual in sec area)
|
|
---|---|---|---|
Authors | 加藤 明洋 , Masayuki Kanda , Satoru Kanno | ||
Last updated | 2015-10-14 | ||
Stream | Internent Engineering Task Force (IETF) | ||
Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
Reviews | |||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 5528 (Informational) | |
Action Holders |
(None)
|
||
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Tim Polk | ||
Send notices to | (None) |
Network Working Group A. Kato Request for Comments: 5528 NTT Software Corporation Category: Informational M. Kanda NTT S. Kanno NTT Software Corporation April 2009 Camellia Counter Mode and Camellia Counter with CBC-MAC Mode Algorithms Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract This document describes the algorithms and presents test vectors for the Camellia block cipher algorithm in Counter mode (CTR) and Counter with Cipher Block Chaining MAC mode (CCM). The purpose of this document is to make the Camellia-CTR and Camellia-CCM algorithm conveniently available to the Internet Community. Kato, et al. Informational [Page 1] RFC 5528 Camellia-CTR and Camellia-CCM algorithms April 2009 Table of Contents 1. Introduction ....................................................2 1.1. Terminology ................................................3 2. The Camellia Cipher Algorithm ...................................3 2.1. Key Size ...................................................3 2.2. Weak Keys ..................................................3 2.3. Block Size and Padding .....................................3 2.4. Performance ................................................4 3. Modes of Operation ..............................................4 4. Test Vectors ....................................................4 4.1. Camellia-CTR ...............................................4 4.2. Camellia-CCM ...............................................7 5. Security Considerations ........................................20 6. Acknowledgments ................................................20 7. References .....................................................20 7.1. Normative References ......................................20 7.2. Informative References ....................................20 1. Introduction This document describes the use of the Camellia block cipher algorithm in Counter (CTR) mode and Counter with CBC-MAC (CCM) mode. Camellia is a symmetric cipher with a Feistel structure. Camellia was developed jointly by NTT and Mitsubishi Electric Corporation in 2000. It was designed to withstand all known cryptanalytic attacks, and it has been scrutinized by worldwide cryptographic experts. Camellia is suitable for implementation in software and hardware, offering encryption speed in software and hardware implementations that is comparable to Advanced Encryption Standard (AES) [5]. Camellia supports 128-bit block size and 128-, 192-, and 256-bit key lengths, i.e., the same interface specifications as the AES. Therefore, it is easy to implement Camellia-based algorithms by replacing the AES block of AES-based algorithms with a Camellia block. Camellia already has been adopted by the IETF and other international standardization organizations; in particular, the IETF has published specifications for the use of Camellia with IPsec [6], TLS [7], Secure/Multipurpose Internet Mail Extensions (S/MIME) [8], and XML Securiy [9]. Camellia is one of the three ISO/IEC international standard [10] 128-bit block ciphers (Camellia, AES, and Super Effective and Efficient Delivery (SEED)). Camellia was selected as a recommended cryptographic primitive by the EU NESSIE (New European Schemes for Signatures, Integrity and Encryption) project [11] and Kato, et al. Informational [Page 2] RFC 5528 Camellia-CTR and Camellia-CCM algorithms April 2009 was included in the list of cryptographic techniques for Japanese e-Government systems that was selected by the Japanese CRYPTREC (Cryptography Research and Evaluation Committees) [12]. Since optimized source code is provided under several open source licenses [13], Camellia has also been adopted by several open source projects (OpenSSL, FreeBSD, Linux, and Firefox).Show full document text