[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Protocol Action: HMAC-MD5 IP Authentication with Replay Prevention to Proposed Standard




  The IESG has approved the Internet-Drafts

  1. HMAC-MD5 IP Authentication with Replay Prevention
	<draft-ietf-ipsec-ah-hmac-md5-04.txt> and
  2. HMAC-SHA IP Authentication with Replay Prevention
	<draft-ietf-ipsec-ah-hmac-sha-04.txt>

  as Proposed Standards.

  The IESG also approved the reclassification of RFC1828, IP
  Authentication using Keyed MD5, from Proposed Standard to Historic.

  These documents are the product of the IP Security Protocol Working
  Group. The IESG contact person is Jeffrey Schiller.


Technical Summary

   These documents describe two similar Keyed Hashes (one based on MD5
   and the other based on SHA) for use in IP Security's Authentication
   Header (both IPv4 and IPv6). Hashes such as MD5 and SHA were
   designed to be used as "keyless" hashes which can be used in digital
   signature systems such as the RSA system and the U.S. Digital
   Signature Standard (DSS).

   An obvious approach to using them as "keyed" hashes has involved
   either prepending the data to be hashed with a secret value (key) or
   appending the secret value after the data to be hashed (or both).
   However recently significant analysis work has been carried out by
   cryptographers as to security of keyed modes of these hashes.

   The keyed hash mechanism described in these documents benefits from
   this analytical experience and is therefore believed to be much
   stronger than the simplistic approaches taken to date in the
   Internet community (both in AH and SNMP).

Working Group Summary

   These documents are the work product of the IP Security Working
   Group. The group has come to consensus that these hashes are good
   approaches to the keyed hash function required by the Authentication
   Header.

Protocol Quality

   This protocol has been reviewed by Jeffrey I. Schiller, Security
   Area Director.