Network Working Group                                      U. Blumenthal
Request for Comments: 3826                           Lucent Technologies
Category: Standards Track                                       F. Maino
                                                   Andiamo Systems, Inc.
                                                           K. McCloghrie
                                                     Cisco Systems, Inc.
                                                               June 2004


        The Advanced Encryption Standard (AES) Cipher Algorithm
                 in the SNMP User-based Security Model

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   This document describes a symmetric encryption protocol that
   supplements the protocols described in the User-based Security Model
   (USM), which is a Security Subsystem for version 3 of the Simple
   Network Management Protocol for use in the SNMP Architecture.  The
   symmetric encryption protocol described in this document is based on
   the Advanced Encryption Standard (AES) cipher algorithm used in
   Cipher FeedBack Mode (CFB), with a key size of 128 bits.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . .    2
       1.1.  Goals and Constraints. . . . . . . . . . . . . . . . .    2
       1.2.  Key Localization . . . . . . . . . . . . . . . . . . .    3
       1.3.  Password Entropy and Storage . . . . . . . . . . . . .    3
   2.  Definitions. . . . . . . . . . . . . . . . . . . . . . . . .    4
   3.  CFB128-AES-128 Symmetric Encryption Protocol . . . . . . . .    5
       3.1.  Mechanisms . . . . . . . . . . . . . . . . . . . . . .    5
             3.1.1. The AES-based Symmetric Encryption Protocol . .    6
             3.1.2. Localized Key, AES Encryption Key and
                    Initialization Vector . . . . . . . . . . . . .    7
             3.1.3. Data Encryption . . . . . . . . . . . . . . . .    8
             3.1.4. Data Decryption . . . . . . . . . . . . . . . .    8



Blumenthal, et al.          Standards Track