draft-ietf-smime-camellia-03.txt   draft-ietf-smime-camellia-04.txt 
S/MIME Working Group S. Moriai S/MIME Working Group S. Moriai
Internet Draft NTT Corporation Internet Draft Sony Computer Entertainment Inc.
Document: draft-ietf-smime-camellia-03.txt A. Kato Document: draft-ietf-smime-camellia-04.txt A. Kato
Expires: October 2003 NTT Software Corporation Expires: December 2003 NTT Software Corporation
April 2003 June 2003
Use of the Camellia Encryption Algorithm in CMS Use of the Camellia Encryption Algorithm in CMS
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 49 skipping to change at page 1, line 49
1. Introduction 1. Introduction
This document specifies the conventions for using the Camellia This document specifies the conventions for using the Camellia
encryption algorithm [CamelliaSpec][CamelliaID] for encryption with encryption algorithm [CamelliaSpec][CamelliaID] for encryption with
the Cryptographic Message Syntax (CMS) [CMS]. The relevant object the Cryptographic Message Syntax (CMS) [CMS]. The relevant object
identifiers (OIDs) and processing steps are provided so that identifiers (OIDs) and processing steps are provided so that
Camellia may be used in the CMS specification (RFC 3369, RFC 3370) Camellia may be used in the CMS specification (RFC 3369, RFC 3370)
for content and key encryption. for content and key encryption.
Note:
This work was done when the first author worked for NTT.
1.1 Camellia 1.1 Camellia
Camellia was jointly developed by Nippon Telegraph and Telephone Camellia was jointly developed by Nippon Telegraph and Telephone
Corporation and Mitsubishi Electric Corporation in 2000. Camellia Corporation and Mitsubishi Electric Corporation in 2000. Camellia
specifies the 128-bit block size and 128-, 192-, and 256-bit key specifies the 128-bit block size and 128-, 192-, and 256-bit key
sizes, the same interface as the Advanced Encryption Standard (AES). sizes, the same interface as the Advanced Encryption Standard (AES).
Camellia is characterized by its suitability for both software and Camellia is characterized by its suitability for both software and
hardware implementations as well as its high level of security. hardware implementations as well as its high level of security.
From a practical viewpoint, it is designed to enable flexibility in From a practical viewpoint, it is designed to enable flexibility in
software and hardware implementations on 32-bit processors widely software and hardware implementations on 32-bit processors widely
used over the Internet and many applications, 8-bit processors used used over the Internet and many applications, 8-bit processors used
in smart cards, cryptographic hardware, embedded systems, and so on in smart cards, cryptographic hardware, embedded systems, and so on
[CamelliaTech]. Moreover, its key setup time is excellent, and its [CamelliaTech]. Moreover, its key setup time is excellent, and its
key agility is superior to that of AES. key agility is superior to that of AES.
Camellia has been scrutinized by the wide cryptographic community Camellia has been scrutinized by the wide cryptographic community
skipping to change at page 2, line 18 skipping to change at page 2, line 20
software and hardware implementations on 32-bit processors widely software and hardware implementations on 32-bit processors widely
used over the Internet and many applications, 8-bit processors used used over the Internet and many applications, 8-bit processors used
in smart cards, cryptographic hardware, embedded systems, and so on in smart cards, cryptographic hardware, embedded systems, and so on
[CamelliaTech]. Moreover, its key setup time is excellent, and its [CamelliaTech]. Moreover, its key setup time is excellent, and its
key agility is superior to that of AES. key agility is superior to that of AES.
Camellia has been scrutinized by the wide cryptographic community Camellia has been scrutinized by the wide cryptographic community
during several projects for evaluating crypto algorithms. In during several projects for evaluating crypto algorithms. In
particular, Camellia was selected as a recommended cryptographic particular, Camellia was selected as a recommended cryptographic
primitive by the EU NESSIE (New European Schemes for Signatures, primitive by the EU NESSIE (New European Schemes for Signatures,
Integrity and Encryption) project [NESSIE] and also included in the Integrity and Encryption) project [NESSIE] and also included in
list of cryptographic techniques for Japanese e-Government systems the list of cryptographic techniques for Japanese e-Government
which are selected by the Japan CRYPTREC (Cryptography Research and systems which were selected by the Japan CRYPTREC (Cryptography
Evaluation Committees) [CRYPTREC]. Research and Evaluation Committees) [CRYPTREC].
1.2 Terminology 1.2 Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD
NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in
uppercase, as shown) are to be interpreted as described in uppercase, as shown) are to be interpreted as described in
[RFC2119]. [RFC2119].
2. Object Identifiers for Content and Key Encryption 2. Object Identifiers for Content and Key Encryption
skipping to change at page 3, line 49 skipping to change at page 3, line 52
id-camellia256-wrap OBJECT IDENTIFIER ::= id-camellia256-wrap OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) 392 200011 61 security(1) { iso(1) member-body(2) 392 200011 61 security(1)
algorithm(1) key-wrap-algorithm(3) algorithm(1) key-wrap-algorithm(3)
camellia256-wrap(4) } camellia256-wrap(4) }
In all cases the parameters field of AlgorithmIdentifier MUST be In all cases the parameters field of AlgorithmIdentifier MUST be
ABSENT, because the key wrapping procedure itself defines how and ABSENT, because the key wrapping procedure itself defines how and
when to use an IV. The OID gives the KEK key size, but does not when to use an IV. The OID gives the KEK key size, but does not
make any statements as to the size of the wrapped Camellia CEK. make any statements as to the size of the wrapped Camellia CEK.
Implementations MAY use different KEK and CEK sizes. Implements Implementations MAY use different KEK and CEK sizes.
MUST support the CEK and the KEK having the same length. If Implementations MUST support the CEK and the KEK having the
different lengths are supported, the KEK MUST be of equal or greater same length. If different lengths are supported, the KEK MUST be
length than the CEK. of equal or greater length than the CEK.
3. Key Wrap Algorithm 3. Key Wrap Algorithm
Camellia key wrapping and unwrapping is done in conformance with the Camellia key wrapping and unwrapping is done in conformance with the
AES key wrap algorithm [AES-WRAP][RFC3394], because Camellia and AES AES key wrap algorithm [AES-WRAP][RFC3394], because Camellia and AES
have the same block and key sizes, i.e. the block size of 128 bits have the same block and key sizes, i.e. the block size of 128 bits
and key sizes of 128, 192, and 256 bits. and key sizes of 128, 192, and 256 bits.
3.1 Notation and Definitions 3.1 Notation and Definitions
The following notation is used in the description of the key The following notation is used in the description of the key
wrapping algorithms: wrapping algorithms:
skipping to change at page 10, line 9 skipping to change at page 10, line 12
[RFC2633] Ramsdell, B., Editor. S/MIME Version 3 Message [RFC2633] Ramsdell, B., Editor. S/MIME Version 3 Message
Specification. RFC 2633. June 1999. Specification. RFC 2633. June 1999.
[RFC3394] J. Schaad and R. Housley, "Advanced Encryption Standard [RFC3394] J. Schaad and R. Housley, "Advanced Encryption Standard
(AES) Key Wrap Algorithm", RFC 3394, September 2002. (AES) Key Wrap Algorithm", RFC 3394, September 2002.
Authors' Address Authors' Address
Shiho Moriai Shiho Moriai
Nippon Telegraph and Telephone Corporation Sony Computer Entertainment Inc.
Phone: +81-46-859-2007 Phone: +81-3-6438-7523
FAX: +81-46-859-3858 FAX: +81-3-6438-8629
Email: camellia@isl.ntt.co.jp Email: camellia@isl.ntt.co.jp (Camellia team)
shiho@rc.scei.sony.co.jp (Shiho Moriai)
Akihiro Kato Akihiro Kato
NTT Software Corporation NTT Software Corporation
Phone: +81-45-212-7404 Phone: +81-45-212-7404
FAX: +81-45-212-7410 FAX: +81-45-212-7410
Email: akato@po.ntts.co.jp Email: akato@po.ntts.co.jp
Appendix A ASN.1 Module Appendix A ASN.1 Module
CamelliaEncryptionAlgorithmInCMS CamelliaEncryptionAlgorithmInCMS
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/