RFC 3686 (rfc3686) - Page 2 of 19

Using Advanced Encryption Standard (AES) Counter Mode With IPsec Encapsulating Security Payload (ESP)

Alternative Format: Original Text Document
< Previous
Next >
RFC 3686         Using AES Counter Mode With IPsec ESP      January 2004


   10. Intellectual Property Statement. . . . . . . . . . . . . . . . 16
   11. Acknowledgments. . . . . . . . . . . . . . . . . . . . . . . . 16
   12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17
       12.1. Normative References . . . . . . . . . . . . . . . . . . 17
       12.2. Informative References . . . . . . . . . . . . . . . . . 17
   13. Author's Address . . . . . . . . . . . . . . . . . . . . . . . 18
   14. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 19

1.  Introduction

   The National Institute of Standards and Technology (NIST) recently
   selected the Advanced Encryption Standard (AES) [AES], also known as
   Rijndael.  The AES is a block cipher, and it can be used in many
   different modes.  This document describes the use of AES Counter Mode
   (AES-CTR), with an explicit initialization vector (IV), as an IPsec
   Encapsulating Security Payload (ESP) [ESP] confidentiality mechanism.

   This document does not provide an overview of IPsec.  However,
   information about how the various components of IPsec and the way in
   which they collectively provide security services is available in
   [ARCH] and [ROADMAP].

1.1.  Conventions Used In This Document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [STDWORDS].

2.  AES Block Cipher

   This section contains a brief description of the relevant
   characteristics of the AES block cipher.  Implementation requirements
   are also discussed.

2.1.  Counter Mode

   NIST has defined five modes of operation for AES and other FIPS-
   approved block ciphers [MODES].  Each of these modes has different
   characteristics.  The five modes are: ECB (Electronic Code Book), CBC
   (Cipher Block Chaining), CFB (Cipher FeedBack), OFB (Output
   FeedBack), and CTR (Counter).

   Only AES Counter mode (AES-CTR) is discussed in this specification.
   AES-CTR requires the encryptor to generate a unique per-packet value,
   and communicate this value to the decryptor.  This specification
   calls this per-packet value an initialization vector (IV).  The same
   IV and key combination MUST NOT be used more than once.  The




Housley                     Standards Track
< Previous
Next >