Protocol Action: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec to Proposed Standard

The IESG <iesg-secretary@ietf.org> Fri, 04 April 2003 15:37 UTC

Message-Id: <200304032103.QAA13664@ietf.org>
To: IETF-Announce:;;;;@tislabs.com;;;
Cc: RFC Editor <rfc-editor@ISI.EDU>, Internet Architecture Board <iab@iab.org>, ipsec@lists.tislabs.com
From: The IESG <iesg-secretary@ietf.org>
Subject: Protocol Action: The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec to Proposed Standard
Date: Thu, 03 Apr 2003 16:03:15 -0500

The IESG has approved "The AES-XCBC-MAC-96 Algorithm and Its Use With
IPsec" <draft-ietf-ipsec-ciph-aes-xcbc-mac-04.txt> as a Proposed
Standard.  This document is the product of the IPsec Working Group.  
The IESG contact persons are Steve Bellovin and Russ Housley.


Technical Summary

This document defines a new hash algorithm for use in IPsec ESP. It
is a variant of the traditional use of a cipher in Cipher Block
Chaining (CBC) Mode to compute a hash value. However traditional CBC
mode hashes are vulnerable to attack if the amount of data to be
protected is of variable length. This document defines a variant of
this approach, applied to the Advanced Encryption Standard (AES)
that is proof against this vulnerability.

Working Group Summary

There was working group consensus on this document.

Protocol Quality

These documents were reviewed by Jeff Schiller.
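
The Technical Summary's point about variable-length data, as an added example that is not part of the IESG announcement or the draft's own text: raw CBC-MAC lets two known single-block tags be combined into a valid tag for a longer message, while the XCBC construction (three derived keys, with K2 or K3 mixed into the last block) rejects the same input. Assumptions: `E` is an HMAC-SHA256 stand-in for AES-128 so the block runs on the standard library alone, so tags will not match AES test vectors; all function names are hypothetical.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size in bytes

def E(key, block):
    # ASSUMPTION: stand-in for AES-128 encryption of one block (truncated
    # HMAC-SHA256). Swap in real AES to get interoperable tags.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def raw_cbc_mac(key, msg):
    # Traditional CBC-MAC: zero IV, whole blocks only, last block is the tag.
    if not msg or len(msg) % BLOCK:
        raise ValueError("raw CBC-MAC needs a non-empty whole number of blocks")
    state = bytes(BLOCK)
    for i in range(0, len(msg), BLOCK):
        state = E(key, xor(state, msg[i:i + BLOCK]))
    return state

def xcbc_mac(key, msg, taglen=12):
    # XCBC: K1 drives the chain; K2 (full last block) or K3 (padded last
    # block) is XORed into the final block. taglen=12 gives the 96-bit tag.
    k1, k2, k3 = (E(key, bytes([n]) * BLOCK) for n in (1, 2, 3))
    n = max(1, -(-len(msg) // BLOCK))            # block count, empty msg = 1
    head, last = msg[:(n - 1) * BLOCK], msg[(n - 1) * BLOCK:]
    state = bytes(BLOCK)
    for i in range(0, len(head), BLOCK):
        state = E(k1, xor(state, head[i:i + BLOCK]))
    if len(last) == BLOCK:
        last = xor(last, k2)
    else:                                        # 10* padding, then K3
        last = xor(last + b"\x80" + bytes(BLOCK - len(last) - 1), k3)
    return E(k1, xor(state, last))[:taglen]

def splice(m1, t1, m2):
    # Variable-length test input: m1 followed by (m2 XOR tag-of-m1).
    return m1 + xor(m2, t1)

def demo():
    # Constructed key and messages. Returns (raw accepts, xcbc accepts).
    key, m1, m2 = bytes(range(16)), b"A" * BLOCK, b"B" * BLOCK
    raw_ok = raw_cbc_mac(key, splice(m1, raw_cbc_mac(key, m1), m2)) == raw_cbc_mac(key, m2)
    x1, x2 = xcbc_mac(key, m1, BLOCK), xcbc_mac(key, m2, BLOCK)
    xcbc_ok = xcbc_mac(key, splice(m1, x1, m2), BLOCK) == x2
    return raw_ok, xcbc_ok
```

`demo()` compares full 128-bit outputs for both constructions so the two checks are like for like; the default `taglen=12` is the truncation that gives the algorithm the "-96" in its name.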