[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The Use of Camellia with IPsec

To: ipsec@lists.tislabs.com
Subject: The Use of Camellia with IPsec
From: Shiho MORIAI <shiho@sucaba.isl.ntt.co.jp>
Date: Wed, 28 Nov 2001 10:09:24 JST
cc: Shiho Moriai <shiho@sucaba.isl.ntt.co.jp>, Yiqun Lisa Yin <yiqun@nttmcl.com>, Satomi Okazaki <satomi@nttmcl.com>
Sender: owner-ipsec@lists.tislabs.com


Hi all,

We submitted the following I-D, which was announced in this mailing
list on Mon, 19 Nov 2001 08:29:02 -0500:

> Title    : The Camellia Cipher Algorithm and Its Use with IPsec
> Authors  : S. Moriai, Y. L. Yin, S. Okazaki
> Filename : draft-ietf-ipsec-ciph-camellia-00.txt
>
> Abstract :
>    This document describes the use of the Camellia block cipher
>    algorithm in Cipher Block Chaining Mode, with an explicit IV, as a
>    confidentiality mechanism within the context of the IPsec
>    Encapsulating Security Payload (ESP).

The reason why we submitted this I-D as a working group draft is to
find people interested in including the Camellia cipher in your IPsec
implementation.  

Camellia is a 128-bit block cipher and supports 128-, 192-, and
256-bit key lengths, i.e. the same interface specifications as the
AES.  A reference code is available on the Camellia home page:
http://info.isl.ntt.co.jp/camellia/ and we are planning to offer
another optimized reference code.

As we wrote in the I-D, Camellia was jointly developed by NTT and
Mitsubishi Electric Corporation in 2000.  Camellia was designed to
have suitability for both software and hardware implementations and to
cover all possible encryption applications that range from low-end
smart cards to high-speed network systems.  The most distinguished
feature is its small hardware design. It can be implemented using only
8.12K gates using a 0.18um CMOS ASIC library [Camellia], which enables
low power consumption hardware.  It perfectly meets one of the current
IPsec market requirements.  

``AES should be more than sufficient,'' some people say.  However, it
would be preferable to have another option as an alternative to the
AES.  We believe that Camellia will be a good backup algorithm.

Camellia has been submitted to several standardization bodies such as
ISO (ISO/IEC 18033) and IETF (TLS working group) and it is under
consideration.  It has also been submitted to several cryptographic
techniques evaluation projects such as NESSIE and CRYPTREC, and it has
been scrutinized by worldwide cryptographic experts.  In particular,
the NESSIE project plans to develop by the end of 2002 a strong
portfolio of crypto algorithms and intends to input these algorithms
to standardization bodies such as ISO, IETF, and IEEE.  In September
2001, the project announced its selection of the algorithms for the
2nd phase of the project.  Camellia is one of the three 128-bit block
cipher finalists selected out of 8 candidates.

Since Camellia is becoming popular and a "standard" cipher in Japan, I
was asked by some people to obtain IDs so that they can include it in
their IPsec implementation.  We would be very happy if you have
interest in Camellia and grant us some time at the upcoming Salt Lake
City IETF meeting. 

Comments and questions are welcome.  Please address them to this
mailing list.


[Camellia]  Aoki, K, T. Ichikawa, M. Kanda, M. Matsui, S. Moriai, 
J. Nakajima, and T. Tokita, "Camellia: A 128-Bit Block Cipher 
Suitable for Multiple Platforms,'' September, 2001, 
http://info.isl.ntt.co.jp/camellia/CRYPTREC/2001/01eeval.pdf.

Prev by Date: Re: SOI: identity protection and DOS
Next by Date: Re: SOI: identity protection and DOS
Prev by thread: Re: [saag] RE: IP Storage and IPsec encapsulation
Next by thread: Correction -- ESP draft
Index(es):
- Main
- Thread