rfc3217.txt - Network Working Group Request for Comments:...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Network Working Group R. Housley Request for Comments: 3217 RSA Laboratories Category: Informational December 2001 Triple-DES and RC2 Key Wrapping Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2001). All Rights Reserved. Abstract This document specifies the algorithm for wrapping one Triple-DES key with another Triple-DES key and the algorithm for wrapping one RC2 key with another RC2 key. These key wrap algorithms were originally published in section 12.6 of RFC 2630. They are republished since these key wrap algorithms have been found to be useful in contexts beyond those supported by RFC 2630. 1 Introduction Management of symmetric cryptographic keys often leads to situations where one symmetric key is used to encrypt (or wrap) another. Key wrap algorithms are commonly used in two situations. First, key agreement algorithms (such as Diffie-Hellman [DH-X9.42]) generate a pairwise key-encryption key, and a key wrap algorithm is used to encrypt the content-encryption key or a multicast key with the pairwise key-encryption key. Second, a key wrap algorithm is used to encrypt the content-encryption key, multicast key, or session key in a locally generated storage key-encryption key or a key-encryption key that was distributed out-of-band. This document specifies the algorithm for wrapping one Triple-DES key with another Triple-DES key [3DES], and it specifies the algorithm for wrapping one RC2 key with another RC2 key [RC2]. Encryption of a Triple-DES key with another Triple-DES key uses the algorithm specified in section 3. Encryption of a RC2 key with another RC2 key uses the algorithm specified in section 4. Both of these algorithms rely on the key checksum algorithm specified in section 2. Triple- DES and RC2 content-encryption keys are encrypted in Cipher Block Chaining (CBC) mode [MODES]. Housley Informational [Page 1]
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
RFC 3217 Triple-DES and RC2 Key Wrapping December 2001 In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described by Scott Bradner in [STDWORDS]. 2 Key Checksum The key checksum algorithm is used to provide a key integrity check value. The algorithm is: 1. Compute a 20 octet SHA-1 [SHA1] message digest on the key that is to be wrapped. 2. Use the most significant (first) eight octets of the message digest value as the checksum value. 3 Triple-DES Key Wrapping and Unwrapping This section specifies the algorithms for wrapping and unwrapping one Triple-DES key with another Triple-DES key [3DES]. The same key wrap algorithm is used for both Two-key Triple-DES and
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 11/14/2011 for the course COMP 6370 taught by Professor Staff during the Fall '08 term at Auburn University.

Page1 / 9

rfc3217.txt - Network Working Group Request for Comments:...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online