File: rfc5581.html

package info (click to toggle)
doc-rfc 20230121-1
  • links: PTS, VCS
  • area: non-free
  • in suites: bookworm, forky, sid, trixie
  • size: 1,609,944 kB
file content (165 lines) | stat: -rw-r--r-- 7,047 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
 
<pre>Network Working Group                                            D. Shaw
Request for Comments: 5581                                     June 2009
Updates: <a href="./rfc4880">4880</a>
Category: Informational


                     <span class="h1">The Camellia Cipher in OpenPGP</span>

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a> and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (<a href="http://trustee.ietf.org/license-info">http://trustee.ietf.org/license-info</a>).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Abstract

   This document presents the necessary information to use the Camellia
   symmetric block cipher in the OpenPGP protocol.

Table of Contents

   <a href="#section-1">1</a>.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . . <a href="#page-2">2</a>
   <a href="#section-2">2</a>.  Requirements Notation . . . . . . . . . . . . . . . . . . . . . <a href="#page-2">2</a>
   <a href="#section-3">3</a>.  Camellia  . . . . . . . . . . . . . . . . . . . . . . . . . . . <a href="#page-2">2</a>
   <a href="#section-4">4</a>.  Security Considerations . . . . . . . . . . . . . . . . . . . . <a href="#page-2">2</a>
   <a href="#section-5">5</a>.  IANA Considerations . . . . . . . . . . . . . . . . . . . . . . <a href="#page-3">3</a>
   <a href="#section-6">6</a>.  Normative References  . . . . . . . . . . . . . . . . . . . . . <a href="#page-3">3</a>













<span class="grey">Shaw                         Informational                      [Page 1]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-2" ></span>
<span class="grey"><a href="./rfc5581">RFC 5581</a>             The Camellia Cipher in OpenPGP            June 2009</span>


<span class="h2"><a class="selflink" id="section-1" href="#section-1">1</a>.  Introduction</span>

   The OpenPGP protocol [<a href="./rfc4880" title="&quot;OpenPGP Message Format&quot;">RFC4880</a>] can support many different symmetric
   ciphers.  This document presents the necessary information to use the
   Camellia [<a href="./rfc3713" title="&quot;A Description of the Camellia Encryption Algorithm&quot;">RFC3713</a>] symmetric cipher in the OpenPGP protocol.

<span class="h2"><a class="selflink" id="section-2" href="#section-2">2</a>.  Requirements Notation</span>

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [<a href="./rfc2119" title="&quot;Key words for use in RFCs to Indicate Requirement Levels&quot;">RFC2119</a>].

<span class="h2"><a class="selflink" id="section-3" href="#section-3">3</a>.  Camellia</span>

   Camellia is specified in [<a href="./rfc3713" title="&quot;A Description of the Camellia Encryption Algorithm&quot;">RFC3713</a>].  It is a 128-bit symmetric block
   cipher (as are AES and Twofish in OpenPGP) that supports 128-bit,
   192-bit, and 256-bit keys.  This document defines the use of Camellia
   in OpenPGP.

     +---------------------+----------------------------------------+
     | Camellia Key Length | OpenPGP Symmetric-Key Algorithm Number |
     +---------------------+----------------------------------------+
     |         128         |                   11                   |
     |         192         |                   12                   |
     |         256         |                   13                   |
     +---------------------+----------------------------------------+

   OpenPGP applications MAY implement Camellia.  If implemented,
   Camellia may be used in any place in OpenPGP where a symmetric cipher
   is usable, and it is subject to the same usage requirements (such as
   its presence in the Preferred Symmetric Algorithms signature
   subpacket) as the other symmetric ciphers in OpenPGP.

   While the OpenPGP algorithm preferences system prevents
   interoperability problems with public key encrypted messages, if
   Camellia (or any other optional cipher) is used for encrypting
   private keys, there could be interoperability problems when migrating
   a private key from one system to another.  A similar issue can arise
   when using an optional cipher for symmetrically encrypted messages,
   as this OpenPGP message type does not use the algorithm preferences
   system.  Those using optional ciphers in this manner should take care
   they are using a cipher that their intended recipient can decrypt.

<span class="h2"><a class="selflink" id="section-4" href="#section-4">4</a>.  Security Considerations</span>

   At publication time, there are no known weak keys for Camellia, and
   the Camellia algorithm is believed to be strong.  However, as with
   any technology involving cryptography, implementers should check the



<span class="grey">Shaw                         Informational                      [Page 2]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-3" ></span>
<span class="grey"><a href="./rfc5581">RFC 5581</a>             The Camellia Cipher in OpenPGP            June 2009</span>


   current literature, as well as the Camellia home page at
   <a href="http://info.isl.ntt.co.jp/camellia/">http://info.isl.ntt.co.jp/camellia/</a> to determine if Camellia has been
   found to be vulnerable to attack.

<span class="h2"><a class="selflink" id="section-5" href="#section-5">5</a>.  IANA Considerations</span>

   IANA assigned three algorithm numbers from the registry of OpenPGP
   Symmetric-Key Algorithms that was created by [<a href="./rfc4880" title="&quot;OpenPGP Message Format&quot;">RFC4880</a>].

<span class="h2"><a class="selflink" id="section-6" href="#section-6">6</a>.  Normative References</span>

   [<a id="ref-RFC2119">RFC2119</a>]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", <a href="https://www.rfc-editor.org/bcp/bcp14">BCP 14</a>, <a href="./rfc2119">RFC 2119</a>, March 1997.

   [<a id="ref-RFC3713">RFC3713</a>]  Matsui, M., Nakajima, J., and S. Moriai, "A Description of
              the Camellia Encryption Algorithm", <a href="./rfc3713">RFC 3713</a>, April 2004.

   [<a id="ref-RFC4880">RFC4880</a>]  Callas, J., Donnerhacke, L., Finney, H., Shaw, D., and R.
              Thayer, "OpenPGP Message Format", <a href="./rfc4880">RFC 4880</a>, November 2007.

Author's Address

   David Shaw

   EMail: dshaw@jabberwocky.com


























Shaw                         Informational                      [Page 3]
</pre>