summaryrefslogtreecommitdiff
path: root/doc/protocol/draft-ietf-tls-ecdhe-psk-01.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/protocol/draft-ietf-tls-ecdhe-psk-01.txt')
-rw-r--r--doc/protocol/draft-ietf-tls-ecdhe-psk-01.txt377
1 files changed, 0 insertions, 377 deletions
diff --git a/doc/protocol/draft-ietf-tls-ecdhe-psk-01.txt b/doc/protocol/draft-ietf-tls-ecdhe-psk-01.txt
deleted file mode 100644
index 7ce0223fc9..0000000000
--- a/doc/protocol/draft-ietf-tls-ecdhe-psk-01.txt
+++ /dev/null
@@ -1,377 +0,0 @@
-TLS Working Group Mohamad Badra
-Internet Draft LIMOS Laboratory
-Intended status: Informational April 2, 2008
-Expires: October 2008
-
-
-
- ECDHE_PSK Ciphersuites for Transport Layer Security (TLS)
- draft-ietf-tls-ecdhe-psk-01.txt
-
-
-Status of this Memo
-
- By submitting this Internet-Draft, each author represents that any
- applicable patent or other IPR claims of which he or she is aware
- have been or will be disclosed, and any of which he or she becomes
- aware will be disclosed, in accordance with Section 6 of BCP 79.
-
- Internet-Drafts are working documents of the Internet Engineering
- Task Force (IETF), its areas, and its working groups. Note that
- other groups may also distribute working documents as Internet-
- Drafts.
-
- Internet-Drafts are draft documents valid for a maximum of six months
- and may be updated, replaced, or obsoleted by other documents at any
- time. It is inappropriate to use Internet-Drafts as reference
- material or to cite them other than as "work in progress."
-
- The list of current Internet-Drafts can be accessed at
- http://www.ietf.org/ietf/1id-abstracts.txt
-
- The list of Internet-Draft Shadow Directories can be accessed at
- http://www.ietf.org/shadow.html
-
- This Internet-Draft will expire on October 2, 2008.
-
-Copyright Notice
-
- Copyright (C) The IETF Trust (2008).
-
-Abstract
-
- This document extends RFC 4279, RFC 4492 and RFC 4785, and specifies
- a set of ciphersuites that use a pre-shared key (PSK) to authenticate
- an Elliptic Curve Diffie-Hellman exchange (ECDH). These ciphersuites
- provide Perfect Forward Secrecy (PFS).
-
-
-
-
-
-Badra Expires October 2, 2008 [Page 1]
-
-Internet-Draft ECDHE_PSK Ciphersuites for TLS April 2008
-
-
-Table of Contents
-
- 1. Introduction...................................................3
- 1.1. Conventions used in this document.........................3
- 2. ECDHE_PSK Key Exchange Algorithm...............................3
- 3. ECDHE_PSK Key Exchange Algorithm with NULL Encryption..........5
- 4. Security Considerations........................................5
- 5. IANA Considerations............................................5
- 6. Acknowledgments................................................5
- 7. References.....................................................5
- 7.1. Normative References......................................5
- Author's Addresses................................................6
- Intellectual Property Statement...................................6
- Disclaimer of Validity............................................6
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Badra Expires August 2, 2008 [Page 2]
-
-Internet-Draft ECDHE_PSK Ciphersuites for TLS April 2008
-
-
-1. Introduction
-
- RFC 4279 specifies ciphersuites for supporting TLS using pre-shared
- symmetric keys and they (a) use only symmetric key operations for
- authentication, (b) use a Diffie-Hellman exchange authenticated with
- a pre-shared key, or (c) combines public key authentication of the
- server with pre-shared key authentication of the client.
-
- RFC 4785 specifies authentication-only ciphersuites (with no
- encryption). These ciphersuites are useful when authentication and
- integrity protection is desired, but confidentiality is not needed or
- not permitted.
-
- RFC 4492 defines a set of ECC-based ciphersuites for TLS and
- describes the use of ECC certificates for client authentication. In
- particular, it specifies the use of Elliptic Curve Diffie-Hellman
- (ECDH) key agreement in a TLS handshake and the use of Elliptic Curve
- Digital Signature Algorithm (ECDSA) as a new authentication
- mechanism.
-
- This document specifies a set of ciphersuites that use a PSK to
- authenticate an ECDH exchange. These ciphersuites provide Perfect
- Forward Secrecy. One of these ciphersuite provides authentication-
- only.
-
- The reader is expected to become familiar with RFC 4279, RFC 4492,
- and RFC 4785 prior to studying this document.
-
-1.1. Conventions used in this document
-
- The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
- "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
- document are to be interpreted as described in [RFC2119].
-
-2. ECDHE_PSK Key Exchange Algorithm
-
- The ciphersuites in this section match the ciphersuites defined in
- [RFC4279], except that they use an Elliptic Curve Diffie-Hellman
- exchange [RFC4492] authenticated with a PSK. They are defined as
- follow:
-
- CipherSuite Key Exchange Cipher Hash
-
- TLS_ECDHE_PSK_WITH_RC4_128_SHA ECDHE_PSK RC4_128 SHA
- TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA ECDHE_PSK 3DES_EDE_CBC SHA
- TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA ECDHE_PSK AES_128_CBC SHA
- TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA ECDHE_PSK AES_256_CBC SHA
-
-
-Badra Expires August 2, 2008 [Page 3]
-
-Internet-Draft ECDHE_PSK Ciphersuites for TLS April 2008
-
-
- These ciphersuites make use of the EC parameter negotiation mechanism
- defined in RFC 4492. When the ciphersuites defined in this document
- are used, the 'ec_diffie_hellman_psk' case inside the
- ServerKeyExchange and ClientKeyExchange structure MUST be used
- instead of the 'psk' case defined in [RFC4279] (i.e., the
- ServerKeyExchange and ClientKeyExchange messages include the Diffie-
- Hellman parameters). The PSK identity and identity hint fields have
- the same meaning and encoding specified in [RFC4279] (note that the
- ServerKeyExchange message is always sent, even if no PSK identity
- hint is provided).
-
- The format of the ServerKeyExchange and ClientKeyExchange messages is
- shown below.
-
- struct {
- select (KeyExchangeAlgorithm) {
- /* other cases for rsa, diffie_hellman, etc. */
- case ec_diffie_hellman_psk: /* NEW */
- opaque psk_identity_hint<0..2^16-1>;
- ServerECDHParams params;
- };
- } ServerKeyExchange;
-
- struct {
- select (KeyExchangeAlgorithm) {
- /* other cases for rsa, diffie_hellman, etc. */
- case ec_diffie_hellman_psk: /* NEW */
- opaque psk_identity<0..2^16-1>;
- ClientECDiffieHellmanPublic public;
- } exchange_keys;
- } ClientKeyExchange;
-
- The premaster secret is formed as follows. First, perform an ECDH
- operation (See section 5.10 of [RFC4492]) to compute the shared
- secret. Next, concatenate a uint16 containing the length of the
- shared secret (in octets), the shared secret itself, a uint16
- containing the length of the PSK (in octets), and the PSK itself.
-
- This corresponds to the general structure for the premaster secrets
- (see Note 1 in Section 2 of [RFC4279]), with "other_secret"
- containing the shared secret:
-
- struct {
- opaque other_secret<0..2^16-1>;
- opaque psk<0..2^16-1>;
- };
-
-
-
-Badra Expires August 2, 2008 [Page 4]
-
-Internet-Draft ECDHE_PSK Ciphersuites for TLS April 2008
-
-
-3. ECDHE_PSK Key Exchange Algorithm with NULL Encryption
-
- The ciphersuite in this section matches the ciphersuites defined in
- section 2, except that we define a suite with null encryption.
-
- CipherSuite Key Exchange Cipher Hash
-
- TLS_ECDHE_PSK_WITH_NULL_SHA ECDHE_PSK NULL SHA
-
-4. Security Considerations
-
- The security considerations described throughout [RFC4279],
- [RFC4346], [RFC4492], and [RFC4785] apply here as well.
-
-5. IANA Considerations
-
- This document defines the following new ciphersuites, whose values
- are to be assigned from the TLS Cipher Suite registry defined in
- [RFC4346].
-
- CipherSuite TLS_ECDHE_PSK_WITH_RC4_128_SHA = { 0xXX, 0xXX };
- CipherSuite TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = { 0xXX, 0xXX };
- CipherSuite TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = { 0xXX, 0xXX };
- CipherSuite TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = { 0xXX, 0xXX };
- CipherSuite TLS_ECDHE_PSK_WITH_NULL_SHA = { 0xXX, 0xXX };
-
-6. Acknowledgments
-
- The author would like to thank Bodo Moeller, Simon Josefsson, Uri
- Blumenthal, Pasi Eronen, Alfred Hoenes, Paul Hoffman, Joseph Salowey,
- and the TLS mailing list members for their comments on the document.
-
-7. References
-
-7.1. Normative References
-
- [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
- Requirement Levels", BCP 14, RFC 2119, March 1997.
-
- [RFC4279] Eronen, P. and H. Tschofenig, "Pre-Shared Key Ciphersuites
- for Transport Layer Security (TLS)", RFC 4279, December
- 2005.
-
- [RFC4346] Dierks, T. and E. Rescorla, "The TLS Protocol Version 1.1",
- RFC 4346, April 2006.
-
-
-
-
-Badra Expires August 2, 2008 [Page 5]
-
-Internet-Draft ECDHE_PSK Ciphersuites for TLS April 2008
-
-
- [RFC4492] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B.
- Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites
- for Transport Layer Security (TLS)", RFC 4492, May 2006.
-
- [RFC4785] Blumenthal, U. and P. Goel, "Pre-Shared Key (PSK)
- Ciphersuites with NULL Encryption for Transport Layer
- Security (TLS)", RFC 4785, January 2007.
-
-Author's Addresses
-
- Mohamad Badra
- LIMOS Laboratory - UMR6158, CNRS
- France
-
- Email: badra@isima.fr
-
-
-Intellectual Property Statement
-
- The IETF takes no position regarding the validity or scope of any
- Intellectual Property Rights or other rights that might be claimed to
- pertain to the implementation or use of the technology described in
- this document or the extent to which any license under such rights
- might or might not be available; nor does it represent that it has
- made any independent effort to identify any such rights. Information
- on the procedures with respect to rights in RFC documents can be
- found in BCP 78 and BCP 79.
-
- Copies of IPR disclosures made to the IETF Secretariat and any
- assurances of licenses to be made available, or the result of an
- attempt made to obtain a general license or permission for the use of
- such proprietary rights by implementers or users of this
- specification can be obtained from the IETF on-line IPR repository at
- http://www.ietf.org/ipr.
-
- The IETF invites any interested party to bring to its attention any
- copyrights, patents or patent applications, or other proprietary
- rights that may cover technology that may be required to implement
- this standard. Please address the information to the IETF at
- ietf-ipr@ietf.org.
-
-Disclaimer of Validity
-
- This document and the information contained herein are provided on an
- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
-
-
-Badra Expires August 2, 2008 [Page 6]
-
-Internet-Draft ECDHE_PSK Ciphersuites for TLS April 2008
-
-
- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
-
-Copyright Statement
-
- Copyright (C) The IETF Trust (2008).
-
- This document is subject to the rights, licenses and restrictions
- contained in BCP 78, and except as set forth therein, the authors
- retain all their rights.
-
-Acknowledgment
-
- Funding for the RFC Editor function is currently provided by the
- Internet Society.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-Badra Expires August 2, 2008 [Page 7]
-
View Lorry Controller Status