This page will soon be deactivated—explore our new, faster, mobile-friendly site, now centralized in MyWorkspace!

Committed to connecting the world

  •  
ITU GSR 2024

ITU-T work programme

Home : ITU-T Home : ITU-T Work Programme : X.1047     
  ITU-T A.5 justification information for referenced document IETF RFC 7321 (2014) in draft X.1047
1. Clear description of the referenced document:
Name: IETF RFC 7321 (2014)
Title: Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH), August 2014
2. Status of approval:
Approved Mar 2017
3. Justification for the specific reference:
The referenced document is the text on which draft Recommendation X.nsom-sec is based.
4. Current information, if any, about IPR issues:
None.
5. Other useful information describing the "Quality" of the document:
None
6. The degree of stability or maturity of the document:
RFC 7321 is a standards-track document and obsoletes RFC4835.
7. Relationship with other existing or emerging documents:
Extensively referenced, including X.1362.
8. Any explicit references within that referenced document should also be listed:
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997./
[RFC4301] Kent, S. and K. Seo, "Security Architecture for the Internet Protocol", RFC 4301, December 2005./
[RFC4302] Kent, S., "IP Authentication Header", RFC 4302, December 2005./
[RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)", RFC 4303, December 2005./
[B96] Bellovin, S., "Problem areas for the IP security protocols", Proceedings of the Sixth Usenix Unix Security Symposium, 1996./
[DP07] Degabriele, J. and K. Paterson, "Attacking the IPsec Standards in Encryption-only Configurations", IEEE Symposium on Privacy and Security, 2007./
[H10] Hoban, A., "Using Intel AES New Instructions and PCLMULQDQ to Significantly Improve IPSec Performance on Linux", Intel White Paper, August 2010./
[KKGEGD] Kounavis, M., Kang, X., Grewal, K., Eszenyi, M., Gueron, S., and D. Durham, "Encrypting the Internet", SIGCOMM, 2010./
[M13] McGrew, D., "Impossible plaintext cryptanalysis and probable-plaintext collision attacks of 64-bit block cipher modes", IACR ePrint, 2012./
[PD10] Paterson, K. and J. Degabriele, "On the (in)security of IPsec in MAC-then-encrypt configurations", CCS '10, ACM Conference on Computer and Communications Security, 2010./
[RFC2404] Madson, C. and R. Glenn, "The Use of HMAC-SHA-1-96 within ESP and AH", RFC 2404, November 1998./
[RFC2405] Madson, C. and N. Doraswamy, "The ESP DES-CBC Cipher Algorithm With Explicit IV", RFC 2405, November 1998./
[RFC2410] Glenn, R. and S. Kent, "The NULL Encryption Algorithm and Its Use With IPsec", RFC 2410, November 1998./
[RFC2451] Pereira, R. and R. Adams, "The ESP CBC-Mode Cipher Algorithms", RFC 2451, November 1998. /
[RFC3566] Frankel, S. and H. Herbert, "The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec", RFC 3566, September 2003./
[RFC3602] Frankel, S., Glenn, R., and S. Kelly, "The AES-CBC Cipher Algorithm and Its Use with IPsec", RFC 3602, September 2003./
[RFC3686] Housley, R., "Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)", RFC 3686, January 2004./
[RFC4106] Viega, J. and D. McGrew, "The Use of Galois/Counter Mode (GCM) in IPsec Encapsulating Security Payload (ESP)", RFC 4106, June 2005./
[RFC4309] Housley, R., "Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP)", RFC 4309, December 2005./
[RFC4543] McGrew, D. and J. Viega, "The Use of Galois Message Authentication Code (GMAC) in IPsec ESP and AH", RFC 4543, May 2006./
[RFC4835] Manral, V., "Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH)", RFC 4835, April 2007./
[RFC4949] Shirey, R., "Internet Security Glossary, Version 2", RFC 4949, August 2007./
[RFC5116] McGrew, D., "An Interface and Algorithms for Authenticated Encryption", RFC 5116, January 2008./
[RFC6151] Turner, S. and L. Chen, "Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms", RFC 6151, March 2011./
[RFC6379] Law, L. and J. Solinas, "Suite B Cryptographic Suites for IPsec", RFC 6379, October 2011./
[V02] Vaudenay, S., "Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS ...", EUROCRYPT, 2002./
9. Qualification of ISOC/IETF:
9.1-9.6     Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7     The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8     Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
10. Other (for any supplementary information):
None
Note: This form is based on Recommendation ITU-T A.5

© ITU All Rights Reserved

Back to top