| < draft-ietf-curdle-cms-ecdh-new-curves-07.txt | draft-ietf-curdle-cms-ecdh-new-curves-08.txt > | |||
|---|---|---|---|---|
| Internet-Draft R. Housley | Internet-Draft R. Housley | |||
| Intended status: Standards Track Vigil Security | Intended status: Standards Track Vigil Security | |||
| Expires: 11 November 2017 11 May 2017 | Expires: 2 December 2017 2 June 2017 | |||
| Use of the Elliptic Curve Diffie-Hellman Key Agreement Algorithm | Use of the Elliptic Curve Diffie-Hellman Key Agreement Algorithm | |||
| with X25519 and X448 in the Cryptographic Message Syntax (CMS) | with X25519 and X448 in the Cryptographic Message Syntax (CMS) | |||
| <draft-ietf-curdle-cms-ecdh-new-curves-07.txt> | <draft-ietf-curdle-cms-ecdh-new-curves-08.txt> | |||
| Abstract | Abstract | |||
| This document describes the conventions for using Elliptic Curve | This document describes the conventions for using Elliptic Curve | |||
| Diffie-Hellman (ECDH) key agreement algorithm using curve25519 and | Diffie-Hellman (ECDH) key agreement algorithm using curve25519 and | |||
| curve448 in the Cryptographic Message Syntax (CMS). | curve448 in the Cryptographic Message Syntax (CMS). | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| skipping to change at page 1, line 33 ¶ | skipping to change at page 1, line 33 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 11 November 2017. | This Internet-Draft will expire on 2 December 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 4, line 8 ¶ | skipping to change at page 4, line 8 ¶ | |||
| encryption key that will be produced by the KDF. | encryption key that will be produced by the KDF. | |||
| The ECC-CMS-SharedInfo suppPubInfo field contains the length of the | The ECC-CMS-SharedInfo suppPubInfo field contains the length of the | |||
| generated key-encryption key, in bits, represented as a 32-bit number | generated key-encryption key, in bits, represented as a 32-bit number | |||
| in network byte order. For example, the key length for AES-256 [AES] | in network byte order. For example, the key length for AES-256 [AES] | |||
| would be 0x00000100. | would be 0x00000100. | |||
| 2.1. ANSI-X9.63-KDF | 2.1. ANSI-X9.63-KDF | |||
| The ANSI-X9.63-KDF key derivation function is a simple construct | The ANSI-X9.63-KDF key derivation function is a simple construct | |||
| based on a one-way hash function described in ANS X9.63 [X963]. This | based on a one-way hash function described in American National | |||
| KDF is also described in Section 3.6.1 of [SEC1]. | Standard X9.63 [X963]. This KDF is also described in Section 3.6.1 | |||
| of [SEC1]. | ||||
| Three values are concatenated to produce the input string to the KDF: | Three values are concatenated to produce the input string to the KDF: | |||
| 1. The shared secret value generated by ECDH, K. | 1. The shared secret value generated by ECDH, K. | |||
| 2. The iteration counter, starting with one, as described below. | 2. The iteration counter, starting with one, as described below. | |||
| 3. The DER-encoded ECC-CMS-SharedInfo structure. | 3. The DER-encoded ECC-CMS-SharedInfo structure. | |||
| To generate a key-encryption key (KEK), the KDF generates one or more | To generate a key-encryption key (KEK), the KDF generates one or more | |||
| KM blocks, with the counter starting at 0x00000001, and incrementing | KM blocks, with the counter starting at 0x00000001, and incrementing | |||
| the counter for each subsequent KM block until enough material has | the counter for each subsequent KM block until enough material has | |||
| been generated. The 32-bit counter is represented in network byte | been generated. The 32-bit counter is represented in network byte | |||
| End of changes. 4 change blocks. | ||||
| 5 lines changed or deleted | 6 lines changed or added | |||
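
Review bot: In the Section 2.1 change block, the -08 text drops the short form "ANS X9.63" for "American National Standard X9.63 [X963]", while the section heading and the first sentence still use the name "ANSI-X9.63-KDF". Consider giving the abbreviation once next to the expansion, for example "American National Standard (ANS) X9.63 [X963]", so a reader can tie the KDF's name to the cited standard.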