Network Working Group R. Glenn
Request for Comments: 2410 NIST
Category: Standards Track S. Kent
BBN Corp
November 1998
Network Working Group R. Glenn
Request for Comments: 2410 NIST
Category: Standards Track S. Kent
BBN Corp
November 1998
The NULL Encryption Algorithm and Its Use With IPsec
空加密算法及其在IPsec中的应用
Status of this Memo
本备忘录的状况
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (1998). All Rights Reserved.
版权所有(C)互联网协会(1998年)。版权所有。
Abstract
摘要
This memo defines the NULL encryption algorithm and its use with the IPsec Encapsulating Security Payload (ESP). NULL does nothing to alter plaintext data. In fact, NULL, by itself, does nothing. NULL provides the means for ESP to provide authentication and integrity without confidentiality.
此备忘录定义了空加密算法及其在IPsec封装安全有效负载(ESP)中的使用。NULL不改变纯文本数据。事实上,NULL本身不起任何作用。NULL为ESP提供了在不保密的情况下提供身份验证和完整性的方法。
Further information on the other components necessary for ESP implementations is provided by [ESP] and [ROAD].
[ESP]和[ROAD]提供了ESP实施所需的其他组件的更多信息。
This memo defines the NULL encryption algorithm and its use with the IPsec Encapsulating Security Payload [ESP] to provide authentication and integrity without confidentiality.
此备忘录定义了空加密算法及其与IPsec封装安全有效负载[ESP]的使用,以提供身份验证和完整性,而无需保密。
NULL is a block cipher the origins of which appear to be lost in antiquity. Despite rumors that the National Security Agency suppressed publication of this algorithm, there is no evidence of such action on their part. Rather, recent archaeological evidence suggests that the NULL algorithm was developed in Roman times, as an exportable alternative to Ceaser ciphers. However, because Roman numerals lack a symbol for zero, written records of the algorithm's development were lost to historians for over two millennia.
NULL是一种分组密码,其起源似乎在古代就消失了。尽管有传言称国家安全局禁止公布该算法,但没有证据表明他们采取了此类行动。相反,最近的考古证据表明,空算法是在罗马时代发展起来的,作为凯瑟密码的可输出替代品。然而,由于罗马数字缺少零的符号,该算法发展的书面记录被历史学家丢失了两千多年。
[ESP] specifies the use of an optional encryption algorithm to provide confidentiality and the use of an optional authentication algorithm to provide authentication and integrity. The NULL encryption algorithm is a convenient way to represent the option of not applying encryption. This is referred to as ESP_NULL in [DOI].
[ESP]指定使用可选加密算法来提供机密性,以及使用可选身份验证算法来提供身份验证和完整性。空加密算法是表示不应用加密选项的方便方法。这在[DOI]中称为ESP_NULL。
The IPsec Authentication Header [AH] specification provides a similar service, by computing authentication data which covers the data portion of a packet as well as the immutable in transit portions of the IP header. ESP_NULL does not include the IP header in calculating the authentication data. This can be useful in providing IPsec services through non-IP network devices. The discussion on how ESP_NULL might be used with non-IP network devices is outside the scope of this document.
IPsec认证报头[AH]规范通过计算覆盖分组的数据部分以及IP报头的不可变在途部分的认证数据来提供类似的服务。ESP_NULL在计算身份验证数据时不包括IP头。这在通过非IP网络设备提供IPsec服务时非常有用。关于如何将ESP_NULL用于非IP网络设备的讨论超出了本文档的范围。
In this memo, NULL is used within the context of ESP. For further information on how the various pieces of ESP fit together to provide security services, refer to [ESP] and [ROAD].
在本备忘录中,在ESP的上下文中使用NULL。有关ESP各部分如何组合在一起提供安全服务的更多信息,请参阅[ESP]和[ROAD]。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC 2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC 2119]中所述进行解释。
NULL is defined mathematically by the use of the Identity function I applied to a block of data b such that:
NULL通过使用应用于数据块b的标识函数I进行数学定义,以便:
NULL(b) = I(b) = b
NULL(b) = I(b) = b
Like other modern ciphers, e.g., RC5 [RFC-2040], the NULL encryption algorithm can make use of keys of varying lengths. However, no measurable increase in security is afforded by the use of longer key lengths.
与其他现代密码一样,例如RC5[RFC-2040],空加密算法可以使用不同长度的密钥。但是,使用更长的密钥长度并不能显著提高安全性。
Because of the stateless nature of the NULL encryption algorithm, it is not necessary to transmit an IV or similar cryptographic synchronization data on a per packet (or even a per SA) basis. The NULL encryption algorithm combines many of the best features of both block and stream ciphers, while still not requiring the transmission of an IV or analogous cryptographic synchronization data.
由于空加密算法的无状态性质,不需要在每个数据包(甚至每个SA)的基础上传输IV或类似的加密同步数据。空加密算法结合了块密码和流密码的许多最佳特性,同时仍然不需要传输IV或类似的加密同步数据。
NULL has a block size of 1 byte, thus padding is not necessary.
NULL的块大小为1字节,因此不需要填充。
The NULL encryption algorithm is significantly faster than other commonly used symmetric encryption algorithms and implementations of the base algorithm are available for all commonly used hardware and OS platforms.
空加密算法明显快于其他常用的对称加密算法,基本算法的实现可用于所有常用硬件和操作系统平台。
The following is a set of test vectors to facilitate in the development of interoperable NULL implementations.
下面是一组测试向量,用于帮助开发可互操作的NULL实现。
test_case = 1 data = 0x123456789abcdef data_len = 8 NULL_data = 0x123456789abcdef
测试案例=1数据=0x123456789abcdef数据\u长度=8空\u数据=0x123456789abcdef
test_case = 2 data = "Network Security People Have A Strange Sense Of Humor" data_len = 53 NULL_data = "Network Security People Have A Strange Sense Of Humor"
test\u case=2 data=“网络安全人员有一种奇怪的幽默感”data\u len=53 NULL\u data=“网络安全人员有一种奇怪的幽默感”
ESP_NULL is defined by using NULL within the context of ESP. This section further defines ESP_NULL by pointing out particular operational parameter requirements.
ESP_NULL是通过在ESP上下文中使用NULL来定义的。本节通过指出特定的操作参数要求来进一步定义ESP_NULL。
For purposes of IKE [IKE] key extraction, the key size for this algorithm MUST be zero (0) bits, to facilitate interoperability and to avoid any potential export control problems.
出于IKE[IKE]密钥提取的目的,此算法的密钥大小必须为零(0)位,以促进互操作性并避免任何潜在的导出控制问题。
To facilitate interoperability, the IV size for this algorithm MUST be zero (0) bits.
为了促进互操作性,此算法的IV大小必须为零(0)位。
Padding MAY be included on outgoing packets as specified in [ESP].
按照[ESP]中的规定,可以在传出数据包中包含填充。
The NULL encryption algorithm offers no confidentiality nor does it offer any other security service. It is simply a convenient way to represent the optional use of applying encryption within ESP. ESP can then be used to provide authentication and integrity without confidentiality. Unlike AH these services are not applied to any
空加密算法不提供机密性,也不提供任何其他安全服务。这只是表示在ESP中应用加密的可选用途的一种方便方法。然后,ESP可用于提供身份验证和完整性,而无需保密。与AH不同,这些服务不适用于任何
part of the IP header. At the time of this writing there is no evidence to support that ESP_NULL is any less secure than AH when using the same authentication algorithm (i.e. a packet secured using ESP_NULL with some authentication algorithm is as cryptographically secure as a packet secured using AH with the same authentication algorithm).
IP头的一部分。在撰写本文时,没有证据表明,当使用相同的身份验证算法时,ESP_NULL的安全性低于AH(即,使用ESP_NULL和某些身份验证算法进行安全保护的数据包与使用AH和相同身份验证算法进行安全保护的数据包在密码学上一样安全)。
As stated in [ESP], while the use of encryption algorithms and authentication algorithms are optional in ESP, it is imperative that an ESP SA specifies the use of at least one cryptographically strong encryption algorithm or one cryptographically strong authentication algorithm or one of each.
如[ESP]中所述,虽然加密算法和身份验证算法的使用在ESP中是可选的,但ESP SA必须指定至少一种加密强加密算法或一种加密强身份验证算法或每种算法中的一种。
At the time of this writing there are no known laws preventing the exportation of NULL with a zero (0) bit key length.
在撰写本文时,还没有已知的法律阻止密钥长度为零(0)位的NULL的导出。
Pursuant to the provisions of [RFC-2026], the authors represent that they have disclosed the existence of any proprietary or intellectual property rights in the contribution that are reasonably and personally known to the authors. The authors do not represent that they personally know of all potentially pertinent proprietary and intellectual property rights owned or claimed by the organizations they represent or third parties.
根据[RFC-2026]的规定,作者声明,他们已披露了作者合理且亲自知晓的贡献中存在的任何专有或知识产权。作者并不表示他们个人知道他们所代表的组织或第三方拥有或主张的所有潜在相关的专有和知识产权。
Steve Bellovin suggested and provided the text for the Intellectual Property Rights section.
Steve Bellovin建议并提供了知识产权部分的文本。
Credit also needs to be given to the participants of the Cisco/ICSA IPsec & IKE March 1998 Interoperability Workshop since it was there that the need for this document became apparent.
还需要感谢Cisco/ICSA IPsec&IKE 1998年3月互操作性研讨会的参与者,因为在研讨会上,本文件的必要性变得显而易见。
[ESP] Kent, S., and R. Atkinson, "IP Encapsulating Security Payload", RFC 2406, November 1998.
[ESP]Kent,S.和R.Atkinson,“IP封装安全有效载荷”,RFC 2406,1998年11月。
[AH] Kent, S., and R. Atkinson, "IP Authentication Header", RFC 2402, November 1998.
[AH]Kent,S.和R.Atkinson,“IP认证头”,RFC 2402,1998年11月。
[ROAD] Thayer, R., Doraswamy, N., and R. Glenn, "IP Security Document Roadmap", RFC 2411, November 1998.
[ROAD]Thayer,R.,Doraswamy,N.,和R.Glenn,“IP安全文档路线图”,RFC 24111998年11月。
[DOI] Piper, D., "The Internet IP Security Domain of Interpretation for ISAKMP", RFC 2408, November 1998.
[DOI]Piper,D.,“ISAKMP解释的互联网IP安全域”,RFC 2408,1998年11月。
[IKE] Harkins, D., and D. Carrel, "The Internet Key Exchange (IKE)", RFC 2409, November 1998.
[IKE]Harkins,D.和D.Carrel,“互联网密钥交换(IKE)”,RFC 2409,1998年11月。
[RFC-2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996.
[RFC-2026]Bradner,S.,“互联网标准过程——第3版”,BCP 9,RFC 2026,1996年10月。
[RFC-2040] Baldwin, R., and R. Rivest, "The RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms", RFC 2040, October 1996
[RFC-2040]Baldwin,R.和R.Rivest,“RC5、RC5-CBC、RC5-CBC Pad和RC5-CTS算法”,RFC 2040,1996年10月
[RFC-2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC-2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
Rob Glenn NIST
罗伯·格伦
EMail: rob.glenn@nist.gov
EMail: rob.glenn@nist.gov
Stephen Kent BBN Corporation
斯蒂芬肯特BBN公司
EMail: kent@bbn.com
EMail: kent@bbn.com
The IPsec working group can be contacted through the chairs:
可通过主席与IPsec工作组联系:
Robert Moskowitz ICSA
罗伯特·莫斯科维茨ICSA
EMail: rgm@icsa.net
EMail: rgm@icsa.net
Ted T'so Massachusetts Institute of Technology
麻省理工学院特德·特索
EMail: tytso@mit.edu
EMail: tytso@mit.edu
Copyright (C) The Internet Society (1998). All Rights Reserved.
版权所有(C)互联网协会(1998年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。