draft-ietf-smime-camellia-01.txt   draft-ietf-smime-camellia-02.txt 
S/MIME Working Group S. Moriai S/MIME Working Group S. Moriai
Internet Draft NTT Corporation Internet Draft NTT Corporation
Expiration Date: September 2003 A. Kato Expiration Date: September 2003 A. Kato
NTT Software Corporation NTT Software Corporation
March 2003 March 2003
Use of the Camellia Encryption Algorithm in CMS Use of the Camellia Encryption Algorithm in CMS
<draft-ietf-smime-camellia-01.txt> <draft-ietf-smime-camellia-02.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 8, line 36 skipping to change at page 8, line 36
Camellia, the capabilities attribute MUST contain the Camellia OID Camellia, the capabilities attribute MUST contain the Camellia OID
specified above in the category of symmetric algorithms. The specified above in the category of symmetric algorithms. The
parameter associated with this OID MUST be CamelliaSMimeCapability. parameter associated with this OID MUST be CamelliaSMimeCapability.
CamelliaSMimeCapabilty ::= NULL CamelliaSMimeCapabilty ::= NULL
The SMIMECapability SEQUENCE representing Camellia MUST be The SMIMECapability SEQUENCE representing Camellia MUST be
DER-encoded as the following hexadecimal strings: DER-encoded as the following hexadecimal strings:
Key Size Capability Key Size Capability
128 30 0d 06 0b 2a 83 08 8c 9a 4b 3d 01 01 01 02 128 30 0f 06 0b 2a 83 08 8c 9a 4b 3d 01 01 01 02 05 00
196 30 0d 06 0b 2a 83 08 8c 9a 4b 3d 01 01 01 03 196 30 0f 06 0b 2a 83 08 8c 9a 4b 3d 01 01 01 03 05 00
256 30 0d 06 0b 2a 83 08 8c 9a 4b 3d 01 01 01 04 256 30 0f 06 0b 2a 83 08 8c 9a 4b 3d 01 01 01 04 05 00
When a sending agent creates an encrypted message, it has to decide When a sending agent creates an encrypted message, it has to decide
which type of encryption algorithm to use. In general the decision which type of encryption algorithm to use. In general the decision
process involves information obtained from the capabilities lists process involves information obtained from the capabilities lists
included in messages received from the recipient, as well as other included in messages received from the recipient, as well as other
information such as private agreements, user preferences, legal information such as private agreements, user preferences, legal
restrictions, and so on. If users require Camellia for symmetric restrictions, and so on. If users require Camellia for symmetric
encryption, it MUST be supported by the S/MIME clients on both the encryption, it MUST be supported by the S/MIME clients on both the
sending and receiving side, and it MUST be set in the user sending and receiving side, and it MUST be set in the user
preferences. preferences.
5. Security Considerations 5. Security Considerations
This document specifies the use of Camellia for encrypting the This document specifies the use of Camellia for encrypting the
content of a CMS message and for encrypting the symmetric key used content of a CMS message and for encrypting the symmetric key used
to encrypt the content of a CMS message, and the other mechanisms to encrypt the content of a CMS message, and the other mechanisms
are the same as the existing ones. Therefore, the security are the same as the existing ones. Therefore, the security
considerations described in the CMS specifications [CMS][CMSALG] and considerations described in the CMS specifications [CMS][CMSALG] and
the AES key wrap algorithm [AES-WRAP][RFC3394] can be applied to the AES key wrap algorithm [AES-WRAP][RFC3394] can be applied to
this document. As described in Section 3.4, the key wrap algorithm this document. No security problem has been found on Camellia
includes a strong integrity check on the key data. If unwrapping [CRYPTREC][NESSIE].
produces the expected check value in A[0], then the chance that the
key data is corrupt is 2^-64. If unwrapping produces an unexpected
value, then the algorithm implementation MUST return an error, and
it MUST NOT return any key data [AES-WRAP][RFC3394]. In this case,
the error message should not include detailed information about the
error, since attackers can exploit information in the error message
to recover the key data.
Implementations must protect the KEK from disclosure. Compromise of
the KEK may result in the disclosure of all key data protected with
that KEK [RFC3394].
No security problem has been found on Camellia [CRYPTREC][NESSIE].
6. Intellectual Property Statement 6. Intellectual Property Statement
Mitsubishi Electric Corporation and Nippon Telegraph and Telephone Mitsubishi Electric Corporation and Nippon Telegraph and Telephone
Corporation have pending applications or filed patents which are Corporation have pending applications or filed patents which are
essential to Camellia. License policy for these essential patents essential to Camellia. License policy for these essential patents
will be available on the IETF page of Intellectual Property Rights will be available on the IETF page of Intellectual Property Rights
Notices. Notices.
References References
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/