< draft-ietf-ipsecme-implicit-iv-06.txt   draft-ietf-ipsecme-implicit-iv-07.txt >
IPSECME D. Migault IPSECME D. Migault
Internet-Draft Ericsson Internet-Draft Ericsson
Intended status: Standards Track T. Guggemos Intended status: Standards Track T. Guggemos
Expires: May 20, 2019 LMU Munich Expires: October 8, 2019 LMU Munich
Y. Nir Y. Nir
Dell EMC Dell EMC
November 16, 2018 April 6, 2019
Implicit IV for Counter-based Ciphers in Encapsulating Security Payload Implicit IV for Counter-based Ciphers in Encapsulating Security Payload
(ESP) (ESP)
draft-ietf-ipsecme-implicit-iv-06 draft-ietf-ipsecme-implicit-iv-07
Abstract Abstract
Encapsulating Security Payload (ESP) sends an initialization vector Encapsulating Security Payload (ESP) sends an initialization vector
(IV) or nonce in each packet. The size of IV depends on the applied (IV) or nonce in each packet. The size of IV depends on the applied
transform, being usually 8 or 16 octets for the transforms defined by transform, being usually 8 or 16 octets for the transforms defined by
the time this document is written. Some algorithms such as AES-GCM, the time this document is written. Some algorithms such as AES-GCM,
AES-CCM, AES-CTR and ChaCha20-Poly1305 require a unique nonce but do AES-CCM, AES-CTR and ChaCha20-Poly1305 require a unique nonce but do
not require an unpredictable nonce. When using such algorithms the not require an unpredictable nonce. When using such algorithms the
packet counter value can be used to generate a nonce. This avoids packet counter value can be used to generate a nonce. This avoids
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 20, 2019. This Internet-Draft will expire on October 8, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 27 skipping to change at page 2, line 27
1. Requirements notation . . . . . . . . . . . . . . . . . . . . 2 1. Requirements notation . . . . . . . . . . . . . . . . . . . . 2
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Implicit IV . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Implicit IV . . . . . . . . . . . . . . . . . . . . . . . . . 3
5. Initiator Behavior . . . . . . . . . . . . . . . . . . . . . 4 5. Initiator Behavior . . . . . . . . . . . . . . . . . . . . . 4
6. Responder Behavior . . . . . . . . . . . . . . . . . . . . . 4 6. Responder Behavior . . . . . . . . . . . . . . . . . . . . . 4
7. Security Consideration . . . . . . . . . . . . . . . . . . . 4 7. Security Consideration . . . . . . . . . . . . . . . . . . . 4
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 5
10.1. Normative References . . . . . . . . . . . . . . . . . . 5 10.1. Normative References . . . . . . . . . . . . . . . . . . 6
10.2. Informational References . . . . . . . . . . . . . . . . 7 10.2. Informational References . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7
1. Requirements notation 1. Requirements notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
2. Introduction 2. Introduction
skipping to change at page 4, line 20 skipping to change at page 4, line 20
| Extended | | Extended |
| Sequence Number | | Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Figure 2: Implicit IV with an 8 byte Extended Sequence Number Figure 2: Implicit IV with an 8 byte Extended Sequence Number
o Extended Sequence Number: the 8 byte Extended Sequence Number of o Extended Sequence Number: the 8 byte Extended Sequence Number of
the Security Association. The 4 byte low order bytes are carried the Security Association. The 4 byte low order bytes are carried
in the ESP packet. in the ESP packet.
This document solely defines the IV generation of the algorithms
defined in [RFC4106] for AES-GCM, [RFC4309] for AES-CCM and [RFC7634]
for ChaCha20-Poly1305. Any other aspect (including using the Key
Length attribute) of applying those ciphers with the new Transform
Types defined in this document MUST be taken from the documents
defining the use of the algorithms in ESP.
5. Initiator Behavior 5. Initiator Behavior
An initiator supporting this feature SHOULD propose implicit IV An initiator supporting this feature SHOULD propose implicit IV
algorithms in the Transform Type 1 (Encryption Algorithm) algorithms in the Transform Type 1 (Encryption Algorithm)
Substructure of the Proposal Substructure inside the SA Payload. To Substructure of the Proposal Substructure inside the SA Payload. To
facilitate backward compatibility with non-supporting peers the facilitate backward compatibility with non-supporting peers the
initiator SHOULD also include those same algorithms without Implicit initiator SHOULD also include those same algorithms without Implicit
IV (IIV) as separate transforms. IV (IIV) as separate transforms.
6. Responder Behavior 6. Responder Behavior
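Review bot: In the paragraph added at the end of Section 4, "the new Transform Types defined in this document" appears to use the wrong IKEv2 term. Section 5 treats Transform Type 1 (Encryption Algorithm) as the existing type, and the [IANA] reference points at its Transform IDs, so the new code points look like Transform IDs, not Transform Types. Suggest "the new Transform IDs defined in this document". The same paragraph limits the IV generation to AES-GCM, AES-CCM and ChaCha20-Poly1305, while the Abstract also names AES-CTR among the algorithms that only need a unique nonce; one sentence stating whether AES-CTR is out of scope would remove the ambiguity.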
skipping to change at page 7, line 20 skipping to change at page 7, line 35
<https://www.rfc-editor.org/info/rfc8221>. <https://www.rfc-editor.org/info/rfc8221>.
10.2. Informational References 10.2. Informational References
[BEAST] Thai, T. and J. Juliano, "Here Come The xor Ninjas", , [BEAST] Thai, T. and J. Juliano, "Here Come The xor Ninjas", ,
May 2011, <https://www.researchgate.net/ May 2011, <https://www.researchgate.net/
publication/266529975_Here_Come_The_Ninjas>. publication/266529975_Here_Come_The_Ninjas>.
[I-D.yeung-g-ikev2] [I-D.yeung-g-ikev2]
Weis, B. and V. Smyslov, "Group Key Management using Weis, B. and V. Smyslov, "Group Key Management using
IKEv2", draft-yeung-g-ikev2-14 (work in progress), July IKEv2", draft-yeung-g-ikev2-15 (work in progress), March
2018. 2019.
[IANA] "IANA IKEv2 Parameter - Type 1 - Encryption Algorithm [IANA] "IANA IKEv2 Parameter - Type 1 - Encryption Algorithm
Transform IDs", <https://www.iana.org/assignments/ikev2- Transform IDs", <https://www.iana.org/assignments/ikev2-
parameters/ikev2-parameters.xhtml#ikev2-parameters-5>. parameters/ikev2-parameters.xhtml#ikev2-parameters-5>.
Authors' Addresses Authors' Addresses
Daniel Migault Daniel Migault
Ericsson Ericsson
8275 Trans Canada Route 8275 Trans Canada Route
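Review bot: The [BEAST] entry in 10.2 is carried over unchanged with an empty field (", ,") after the title, and its title "Here Come The xor Ninjas" does not match the URL slug Here_Come_The_Ninjas. Since this revision already updates the neighbouring [I-D.yeung-g-ikev2] entry to -15, drop the stray comma and confirm the title against the cited URL in the same pass.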
 End of changes. 8 change blocks. 
8 lines changed or deleted 15 lines changed or added
