Use of the KEA and SKIPJACK Algorithms in CMS
Network Working Group                                         J. Pawling
Request for Comments: 2876                     WGSI, A Getronics Company
Category: Informational                                        July 2000
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
Abstract
This document describes the conventions for using the Key Exchange
Algorithm (KEA) and SKIPJACK encryption algorithm in conjunction with
the Cryptographic Message Syntax [CMS] enveloped-data and encrypted-
data content types.
1. Introduction
Throughout this document, the terms MUST, MUST NOT, SHOULD and MAY
are used in capital letters. This conforms to the definitions in
[MUSTSHOULD]. [MUSTSHOULD] defines the use of these key words to help
make the intent of standards track documents as clear as possible.
The same key words are used in this document to help implementers
achieve interoperability. Software that claims compliance with this
document MUST provide the capabilities as indicated by the MUST, MUST
NOT, SHOULD and MAY terms. The KEA and SKIPJACK cryptographic
algorithms are described in [SJ-KEA].
2. Content Encryption Process
This section applies to the construction of both the enveloped-data
and encrypted-data content types. Compliant software MUST meet the
requirements stated in [CMS] Section 6.3, "Content-encryption
Process". The input to the encryption process MUST be padded to a
multiple of eight octets using the padding rules described in [CMS]
Section 6.3. The content MUST be encrypted as a single string using
the SKIPJACK algorithm in 64-bit Cipher Block Chaining (CBC) mode
using randomly-generated 8-byte Initialization Vector (IV) and 80-bit
SKIPJACK content-encryption key (CEK) values.
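
Added example, not part of RFC 2876: the [CMS] Section 6.3 padding rule and the CBC chaining of Section 2, written in Python for an 8-octet block, 8-byte IV and 80-bit CEK. SKIPJACK itself is not implemented here; `placeholder_block` and all other function names are assumptions of this example, and the placeholder gives no security.

```python
import secrets

BLOCK = 8     # SKIPJACK block size in octets (64-bit CBC)
CEK_LEN = 10  # 80-bit content-encryption key
IV_LEN = 8    # 8-byte IV

def new_cek_and_iv():
    """Fresh random CEK and IV for one message."""
    return secrets.token_bytes(CEK_LEN), secrets.token_bytes(IV_LEN)

def cms_pad(data, k=BLOCK):
    """[CMS] 6.3: append n = k - (len mod k) octets, each of value n."""
    n = k - (len(data) % k)  # 1..k; aligned input gets a full extra block
    return data + bytes([n]) * n

def cms_unpad(padded, k=BLOCK):
    """Strip the padding, rejecting any malformed trailer with one error."""
    n = padded[-1] if padded and len(padded) % k == 0 else 0
    if not 1 <= n <= k or padded[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return padded[:-n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cbc_encrypt(encrypt_block, cek, iv, content):
    """Pad, then encrypt the content as a single CBC string."""
    padded, prev, out = cms_pad(content), iv, b""
    for i in range(0, len(padded), BLOCK):
        prev = encrypt_block(cek, xor(padded[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(decrypt_block, cek, iv, ciphertext):
    if not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("bad ciphertext length")
    prev, out = iv, b""
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out += xor(decrypt_block(cek, block), prev)
        prev = block
    return cms_unpad(out)

def placeholder_block(cek, block):
    """Assumption: stand-in for the SKIPJACK block function, NOT SKIPJACK.
    It is its own inverse and gives no security; swap in a real cipher."""
    return xor(block, cek[:BLOCK])
```

Content whose length is already a multiple of eight octets still gains a full block of padding, so the ciphertext is always at least one block longer than the unpadded content would suggest.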
Pawling Informational