[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Protocol Action: HMAC-MD5 IP Authentication with Replay Prevention to Proposed Standard
The IESG has approved the Internet-Drafts
1. HMAC-MD5 IP Authentication with Replay Prevention
<draft-ietf-ipsec-ah-hmac-md5-04.txt> and
2. HMAC-SHA IP Authentication with Replay Prevention
<draft-ietf-ipsec-ah-hmac-sha-04.txt>
as Proposed Standards.
The IESG also approved the reclassification of RFC1828, IP
Authentication using Keyed MD5, from Proposed Standard to Historic.
These documents are the product of the IP Security Protocol Working
Group. The IESG contact person is Jeffrey Schiller.
Technical Summary
These documents describe two similar Keyed Hashes (one based on MD5
and the other based on SHA) for use in IP Security's Authentication
Header (both IPv4 and IPv6). Hashes such as MD5 and SHA were
designed to be used as "keyless" hashes which can be used in digital
signature systems such as the RSA system and the U.S. Digital
Signature Standard (DSS).
An obvious approach to using them as "keyed" hashes has involved
either prepending the data to be hashed with a secret value (key) or
appending the secret value after the data to be hashed (or both).
However recently significant analysis work has been carried out by
cryptographers as to security of keyed modes of these hashes.
The keyed hash mechanism described in these documents benefits from
this analytical experience and is therefore believed to be much
stronger than the simplistic approaches taken to date in the
Internet community (both in AH and SNMP).
Working Group Summary
These documents are the work product of the IP Security Working
Group. The group has come to consensus that these hashes are good
approaches to the keyed hash function required by the Authentication
Header.
Protocol Quality
This protocol has been reviewed by Jeffrey I. Schiller, Security
Area Director.