| < draft-peck-suiteb-dtls-srtp-03.txt | draft-peck-suiteb-dtls-srtp-04.txt > | |||
|---|---|---|---|---|
| Network Working Group M. Peck | Network Working Group M. Peck | |||
| Internet Draft The MITRE Corporation | Internet Draft The MITRE Corporation | |||
| Intended Status: Informational K. Igoe | Intended Status: Informational K. Igoe | |||
| Expires: December 23, 2013 National Security Agency | Expires: June 29, 2014 National Security Agency | |||
| June 21, 2013 | December 26, 2013 | |||
| Suite B Profile for Datagram Transport Layer Security / Secure | Suite B Profile for Datagram Transport Layer Security / Secure | |||
| Real-time Transport Protocol (DTLS-SRTP) | Real-time Transport Protocol (DTLS-SRTP) | |||
| draft-peck-suiteb-dtls-srtp-03 | draft-peck-suiteb-dtls-srtp-04 | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute working | Task Force (IETF). Note that other groups may also distribute working | |||
| documents as Internet-Drafts. The list of current Internet-Drafts is | documents as Internet-Drafts. The list of current Internet-Drafts is | |||
| at http://datatracker.ietf.org/drafts/current. | at http://datatracker.ietf.org/drafts/current. | |||
| skipping to change at page 3, line 51 ¶ | skipping to change at page 3, line 51 ¶ | |||
| Suite B requires that key establishment and signature algorithms be | Suite B requires that key establishment and signature algorithms be | |||
| based upon Elliptic Curve Cryptography and that the encryption | based upon Elliptic Curve Cryptography and that the encryption | |||
| algorithm be AES [FIPS197]. Suite B algorithms are defined to | algorithm be AES [FIPS197]. Suite B algorithms are defined to | |||
| support two minimum levels of security: 128 and 192 bits. Suite B | support two minimum levels of security: 128 and 192 bits. Suite B | |||
| includes [SuiteB]: | includes [SuiteB]: | |||
| Encryption Advanced Encryption Standard (AES) (key sizes | Encryption Advanced Encryption Standard (AES) (key sizes | |||
| of 128 and 256 bits) | of 128 and 256 bits) | |||
| Digital Signature Elliptic Curve Digital Signature Algorithm | Digital Signature Elliptic Curve Digital Signature Algorithm | |||
| (ECDSA) [FIPS186-3] (using the curves with 256- | (ECDSA) [FIPS186-4] (using the curves with 256- | |||
| and 384-bit prime moduli as specified in FIPS | and 384-bit prime moduli as specified in FIPS | |||
| PUB 186-3) | PUB 186-4) | |||
| Key Agreement Elliptic Curve Diffie-Hellman (ECDH) | Key Agreement Elliptic Curve Diffie-Hellman (ECDH) | |||
| [SP800-56A] (using the curves with 256- and | [SP800-56A] (using the curves with 256- and | |||
| 384-bit prime moduli as specified in FIPS PUB | 384-bit prime moduli as specified in FIPS PUB | |||
| 186-3) | 186-4) | |||
| Secure Hash SHA-256 and SHA-384 [FIPS180-4] | Secure Hash SHA-256 and SHA-384 [FIPS180-4] | |||
| The curves with 256- and 384-bit prime moduli are described in NIST | The curves with 256- and 384-bit prime moduli are described in NIST | |||
| FIPS 186-3 [FIPS186-3]. They are referred to as P-256 and P-384, | FIPS 186-4 [FIPS186-4]. They are referred to as P-256 and P-384, | |||
| respectively. These elliptic curves appear in the literature under | respectively. These elliptic curves appear in the literature under | |||
| two different names. For sake of clarity, we list both names below: | two different names. For sake of clarity, we list both names below: | |||
| Curve NIST name SECG name | Curve NIST name SECG name | |||
| ------------------------------------ | ------------------------------------ | |||
| P-256 nistp256 secp256r1 | P-256 nistp256 secp256r1 | |||
| P-384 nistp384 secp384r1 | P-384 nistp384 secp384r1 | |||
| 3. Minimum Security Levels for Suite B Compliant Implementations | 3. Minimum Security Levels for Suite B Compliant Implementations | |||
| skipping to change at page 10, line 42 ¶ | skipping to change at page 10, line 42 ¶ | |||
| This document has no actions for IANA. | This document has no actions for IANA. | |||
| 12. References | 12. References | |||
| 12.1. Normative References | 12.1. Normative References | |||
| [FIPS180-4] National Institute of Standards and Technology, | [FIPS180-4] National Institute of Standards and Technology, | |||
| FIPS Publication 180-4: "Secure Hash Standard", | FIPS Publication 180-4: "Secure Hash Standard", | |||
| March 2012. | March 2012. | |||
| [FIPS186-3] National Institute of Standards and Technology, | [FIPS186-4] National Institute of Standards and Technology, | |||
| FIPS Publication 186-3: "Digital Signature Standard | FIPS Publication 186-4: "Digital Signature Standard | |||
| (DSS)", June 2009. | (DSS)", July 2013. | |||
| [FIPS197] National Institute of Standards and Technology, | [FIPS197] National Institute of Standards and Technology, | |||
| "Advanced Encryption Standard (AES)", FIPS | "Advanced Encryption Standard (AES)", FIPS | |||
| Publication 197, November 2001. | Publication 197, November 2001. | |||
| [srtp-gcm] McGrew, D., and K. Igoe, "AES-GCM and AES-CCM | [srtp-gcm] McGrew, D., and K. Igoe, "AES-GCM and AES-CCM | |||
| Authenticated Encryption in Secure RTP (SRTP)", | Authenticated Encryption in Secure RTP (SRTP)", | |||
| draft-ietf-avtcore-srtp-aes-gcm-06, Work in Progress, | draft-ietf-avtcore-srtp-aes-gcm-10, Work in Progress, | |||
| May 2013. | September 2013. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [RFC3711] Baugher, M. McGrew, D., Naslund, M., Carrara, E., and K. | [RFC3711] Baugher, M. McGrew, D., Naslund, M., Carrara, E., and K. | |||
| Norrman, "The Secure Real-time Transport Protocol | Norrman, "The Secure Real-time Transport Protocol | |||
| (SRTP)", RFC 3711, March 2004. | (SRTP)", RFC 3711, March 2004. | |||
| [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer | [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer | |||
| Security (TLS) Protocol Version 1.2", RFC 5246, May | Security (TLS) Protocol Version 1.2", RFC 5246, May | |||
| End of changes. 8 change blocks. | ||||
| 12 lines changed or deleted | 12 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||