diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-04-16 12:20:41 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2002-04-16 12:20:41 +0000 |
commit | a7db3f8e4ed65750ecef9b85ffdf8cef79ef0bbd (patch) | |
tree | 318f0b11bfd66573291bd7d3ba3503cfdc34621e | |
parent | aa1989a56cc8e473bd3d7cd828eed4bb38b6867b (diff) | |
download | gnutls-a7db3f8e4ed65750ecef9b85ffdf8cef79ef0bbd.tar.gz |
*** empty log message ***
-rw-r--r-- | doc/protocol/draft-ietf-tls-56-bit-ciphersuites-01.txt | 171 |
1 files changed, 171 insertions, 0 deletions
diff --git a/doc/protocol/draft-ietf-tls-56-bit-ciphersuites-01.txt b/doc/protocol/draft-ietf-tls-56-bit-ciphersuites-01.txt new file mode 100644 index 0000000000..7a8dd97dcb --- /dev/null +++ b/doc/protocol/draft-ietf-tls-56-bit-ciphersuites-01.txt @@ -0,0 +1,171 @@ + + + + + + +Transport Layer Security Working Group John Banes +INTERNET-DRAFT Microsoft Corporation +Expires January, 2002 Richard Harrington + Qpass Incorporated + July 19, 2001 + + 56-bit Export Cipher Suites For TLS + draft-ietf-tls-56-bit-ciphersuites-01.txt + +1. Status of this Memo + + This document is an Internet-Draft and is subject to all provisions + of Section 10 of RFC2026. Internet-Drafts are working documents of + the Internet Engineering Task Force (IETF), its areas, and its + working groups. Note that other groups may also distribute + working documents as Internet-Drafts. + + Internet-Drafts are draft documents valid for a maximum of six months + and may be updated, replaced, or made obsolete by other documents at + any time. It is inappropriate to use Internet-Drafts as reference + material or to cite them other than as "work in progress." + + The list of current Internet-Drafts can be accessed at + http://www.ietf.org/1id-abstracts.html + + The list of Internet-Draft Shadow Directories can be accessed at + http://www.ietf.org/shadow.html + + +2. Introduction + + This document describes several cipher suites to be used with the + Transport Layer Security (TLS) protocol. Changes in US export + regulations in 1999 permitted the export of software programs + using 56-bit data encryption and 1024-bit key exchange. + The cipher suites described in this document were designed to take + advantage of this change in the regulations. + +3. The CipherSuites + + The following values define the CipherSuite codes used in the client + hello and server hello messages. + + The following CipherSuite definitions require that the server + provide an RSA certificate that can be used for key exchange. The + server may request either an RSA or a DSS signature-capable + certificate in the certificate request message. + + CipherSuite TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x62 }; + CipherSuite TLS_RSA_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x64 }; + + +Banes Expires January, 2002 [Page 1] +INTERNET-DRAFT 56-bit Export TLS January 15, 1999 + + + The following CipherSuite definitions are used for + server-authenticated (and optionally client-authenticated) + Diffie-Hellman. DHE denotes ephemeral Diffie-Hellman, where the + Diffie-Hellman parameters are signed by a DSS certificate, which + has been signed by the CA. + + CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA = { 0x00,0x63 }; + CipherSuite TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA = { 0x00,0x65 }; + CipherSuite TLS_DHE_DSS_WITH_RC4_128_SHA = { 0x00,0x66 }; + + +4. CipherSuite definitions + +CipherSuite Is Key Cipher Hash + Exportable Exchange + +TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA * RSA_EXPORT1024 DES_CBC SHA +TLS_RSA_EXPORT1024_WITH_RC4_56_SHA * RSA_EXPORT1024 RC4_56 SHA +TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA * RSA_EXPORT1024 DES_CBC SHA +TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA * DHE_DSS_EXPORT1024 RC4_56 SHA +TLS_DHE_DSS_WITH_RC4_128_SHA DHE_DSS RC4_128 SHA + +* Indicates IsExportable is True + + Key + Exchange + Algorithm Description Key size limit + + RSA_EXPORT1024 RSA key exchange RSA = 1024 bits + DHE_DSS_EXPORT1024 Ephemeral DH with DSS signatures DH = 1024 bits + + Key size limit + The key size limit gives the size of the largest public key that + can be legally used for encryption in cipher suites that are + exportable. + + Key Expanded Effective IV Block + Cipher Type Material Key Material Key Bits Size Size + + RC4_56 Stream 7 16 56 0 N/A + DES_CBC Block 8 8 56 8 8 + + +5. Implementation Notes + + When an RSA_EXPORT1024 cipher suite is used, and the server's RSA + Key is larger than 1024 bits in length, then the server must send + a server key exchange message to the client. This message is to + contain a temporary RSA key, signed by the server. This temporary + RSA key should be the maximum allowable length (i.e., 1024 bits). + + +Banes Expires January, 2002 [Page 2] +INTERNET-DRAFT 56-bit Export TLS January 15, 1999 + + + Servers with a large RSA key will often maintain two temporary RSA + keys: a 512-bit key used to support the RSA_EXPORT cipher suites, + and a 1024-bit key used to support the RSA_EXPORT1024 cipher suites. + + When 56-bit DES keys are derived for an export cipher suite, the + additional export key derivation step must be performed. That is, + the final read and write DES keys (and the IV) are not taken + directly from the key_block. + +6. References + + [TLS] T. Dierks, C. Allen, The TLS Protocol, + <draft-ietf-tls-protocol-06.txt>, November 1998. + +7. Authors + + John Banes Richard Harrington + Microsoft Corp. Qpass Inc. + jbanes@microsoft.com rharrington@qpass.com + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Banes Expires January, 2002 [Page 3] |