RFC 2876 (rfc2876) - Page 2 of 13


Use of the KEA and SKIPJACK Algorithms in CMS



Alternative Format: Original Text Document



RFC 2876           KEA and SKIPJACK Algorithms in CMS          July 2000


3. Content Decryption Process

   This section applies to the processing of both the enveloped-data and
   encrypted-data content types.  The encryptedContent MUST be decrypted
   as a single string using the SKIPJACK algorithm in 64-bit CBC mode.
   The 80-bit SKIPJACK CEK and the 8-byte IV MUST be used as inputs to
   the SKIPJACK decryption process.  Following decryption, the padding
   MUST be removed from the decrypted data.  The padding rules are
   described in [CMS] Section 6.3, "Content-encryption Process".

4. Enveloped-data Conventions

   The CMS enveloped-data content type consists of an encrypted content
   and wrapped CEKs for one or more recipients.  Compliant software MUST
   meet the requirements for constructing an enveloped-data content type
   stated in [CMS] Section 6, "Enveloped-data Content Type".  [CMS]
   Section 6 should be studied before reading this section, because this
   section does not repeat the [CMS] text.

   An 8-byte IV and 80-bit CEK MUST be randomly generated for each
   instance of an enveloped-data content type as inputs to the SKIPJACK
   algorithm for use to encrypt the content.  The SKIPJACK CEK MUST only
   be used for encrypting the content of a single instance of an
   enveloped-data content type.

   KEA and SKIPJACK can be used with the enveloped-data content type
   using either of the following key management techniques defined in
   [CMS] Section 6:

   1) Key Agreement:  The SKIPJACK CEK is uniquely wrapped for each
      recipient using a pairwise symmetric key-encryption key (KEK)
      generated using KEA using the originator's private KEA key,
      recipient's public KEA key and other values.  Section 4.2 provides
      additional details.

   2) "Previously Distributed" Symmetric KEK:  The SKIPJACK CEK is
      wrapped using a "previously distributed" symmetric KEK (such as a
      Mail List Key).  The methods by which the symmetric KEK is
      generated and distributed are beyond the scope of this document.
      Section 4.3 provides more details.

   [CMS] Section 6 also defines the concept of the key transport key
   management technique.  The key transport technique MUST NOT be used
   with KEA.







Pawling                      Informational