RFC 2984 (rfc2984) - Page 2 of 6
Use of the CAST-128 Encryption Algorithm in CMS
Alternative Format: Original Text Document
RFC 2984 CAST-128 in CMS October 2000
commercial and non-commercial uses worldwide [IPR], and therefore is
widely used in a number of applications around the Internet. It thus
seems to be a suitable optional encryption algorithm for S/MIME.
This document describes how to use CAST-128 within the S/MIME CMS
specification.
2. Specification
This section provides the OIDs and processing information necessary
for CAST-128 to be used for content and key encryption in CMS.
2.1 OIDs for Content and Key Encryption
CAST-128 is added to the set of optional symmetric encryption
algorithms in CMS by providing two unique object identifiers (OIDs).
One OID defines the content encryption algorithm and the other
defines the key encryption algorithm. Thus a CMS agent can apply
CAST-128 either for content or key encryption by selecting the
corresponding object identifier, supplying the required parameter,
and starting the program code.
For content encryption the use of CAST-128 in cipher block chaining
(CBC) mode is RECOMMENDED. The key length is variable (from 40 to
128 bits in 1-octet increments).
The CAST-128 content-encryption algorithm in CBC mode has the
following object identifier:
cast5CBC OBJECT IDENTIFIER ::= {iso(1) member-body(2)
us(840) nt(113533) nsn(7) algorithms(66) 10}
The parameter associated with this object identifier contains the
initial vector IV and the key length:
cast5CBCParameters ::= SEQUENCE {
iv OCTET STRING DEFAULT 0,
-- Initialization vector
keyLength INTEGER
-- Key length, in bits
}
Comments regarding the use of the IV may be found in [RFC 2144].
The key-wrap/unwrap procedures used to encrypt/decrypt a CAST-128
content-encryption key with a CAST-128 key-encryption key are
specified in Section 2.2. Generation and distribution of key-
encryption keys are beyond the scope of this document.
Adams Standards Track