Remove little-used algorithms from IKEv2

Paul Hoffman / VPNC <paul.hoffman@vpnc.org> Thu, 14 March 2002 19:43 UTC

Received: from lists.tislabs.com (portal.gw.tislabs.com [192.94.214.101]) by above.proper.com (8.11.6/8.11.3) with ESMTP id g2EJh2422264; Thu, 14 Mar 2002 11:43:02 -0800 (PST)
Received: by lists.tislabs.com (8.9.1/8.9.1) id NAA04851 Thu, 14 Mar 2002 13:56:44 -0500 (EST)
Mime-Version: 1.0
X-Sender: phoffvpnc@mail.vpnc.org
Message-Id: <p0510140ab8b6a4514ed7@[165.227.249.20]>
Date: Thu, 14 Mar 2002 11:05:46 -0800
To: ipsec@lists.tislabs.com
From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
Subject: Remove little-used algorithms from IKEv2
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: owner-ipsec@lists.tislabs.com
Precedence: bulk

The early goals of the successor-to-IKE work was to make it simpler 
and more interoperable. Continuing to list values for algorithms that 
are rarely used or do not have good interoperabilty, or both, goes 
against both of those goals. Some should be removed because they have 
security properties that are so similar to other algorithms that are 
more used that they add nothing to the security of IPsec; they were 
added "because we could" but at the expense of interoperability and 
simplicity. Some of the algorithms, such as single DES, should be 
removed simply because they are a bad idea for security.

The following lists show the algorithms should be removed from the 
IKEv2 spec. Those marked with an asterisk should be removed from 
IKEv2.

Encryption algorithms:
   RESERVED                    0
* ENCR_DES_IV64               1              (RFC1827)
* ENCR_DES                    2              (RFC2405)
   ENCR_3DES                   3              (RFC2451)
* ENCR_RC5                    4              (RFC2451)
* ENCR_IDEA                   5              (RFC2451)
   ENCR_CAST                   6              (RFC2451)
* ENCR_BLOWFISH               7              (RFC2451)
* ENCR_3IDEA                  8              (RFC2451)
* ENCR_DES_IV32               9
* ENCR_RC4                   10
   ENCR_NULL                  11              (RFC2410)
   ENCR_AES_128               12

Pseudo-random Functions:
   RESERVED                    0
   PRF_HMAC_MD5                1                   (RFC2104)
   PRF_HMAC_SHA                2                   (RFC2104)
* PRF_HMAC_TIGER              3                   (RFC2104)

Integrity:
   AUTH_HMAC_MD5              1                     (RFC2403)
   AUTH_HMAC_SHA              2                     (RFC2404)
* AUTH_DES_MAC               3
* AUTH_KPDK_MD5              4                     (RFC1826)

In the same vein, all certificate formats other than #4 (X.509 
Certificate - Signature) should be deprecated as well. "PKCS #7 
wrapped X.509 certificate" is particularly bad given that there is no 
standard for how to "wrap" a certificate.

--Paul Hoffman, Director
--VPN Consortium