RFC 1115 (rfc1115) - Page 2 of 8


Privacy enhancement for Internet electronic mail: Part III - algorithms, modes, and identifiers



Alternative Format: Original Text Document



RFC 1115                Mail Privacy: Algorithms             August 1989


1.  Executive Summary

   This RFC provides definitions, references, and citations for algorithms,
   usage modes, and associated identifiers used in RFC-1113 and RFC-1114
   in support of privacy-enhanced electronic mail in the Internet
   community.  As some parts of this material are cited by both RFC-1113
   and RFC-1114, and as it is anticipated that some of the definitions
   herein may be changed, added, or replaced without affecting the citing
   RFCs, algorithm-specific material has been placed into this separate
   RFC.  The text is organized into three primary sections; dealing with
   symmetric encryption algorithms, asymmetric encryption algorithms, and
   integrity check algorithms.

2.  Symmetric Encryption Algorithms and Modes

   This section identifies alternative symmetric encryption algorithms
   and modes which may be used to encrypt DEKs, MICs, and message text,
   and assigns them character string identifiers to be incorporated in
   encapsulated header fields to indicate the choice of algorithm
   employed.  (Note: all alternatives presently defined in this category
   correspond to different usage modes of the DEA-1 (DES) algorithm,
   rather than to other algorithms per se.)

2.1.  DES Modes

   The Block Cipher Algorithm DEA-1, defined in ANSI X3.92-1981 [3] may
   be used for message text, DEKs, and MICs.  The DEA-1 is equivalent to
   the Data Encryption Standard (DES), as defined in FIPS PUB 46 [4].
   The ECB and CBC modes of operation of DEA-1 are defined in ISO IS 8372
   [5].

2.1.1.  DES in ECB mode (DES-ECB)

   The string "DES-ECB" indicates use of the DES algorithm in Electronic
   Codebook (ECB) mode.  This algorithm/mode combination is used for DEK
   and MIC encryption.

2.1.2.  DES in EDE mode (DES-EDE)

   The string "DES-EDE" indicates use of the DES algorithm in
   Encrypt-Decrypt-Encrypt (EDE) mode as defined by ANSI X9.17 [2] for
   key encryption and decryption with pairs of 64-bit keys.  This
   algorithm/mode combination is used for DEK and MIC encryption.








Linn