UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 4868

Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 May 2007
Status: active
Page Count: 21
scope:

This specification describes the use of Hashed Message Authentication Mode (HMAC) in conjunction with the SHA-256, SHA-384, and SHA-512 algorithms in IPsec. These algorithms may be used as the basis for data origin authentication and integrity verification mechanisms for the Authentication Header (AH), Encapsulating Security Payload (ESP), Internet Key Exchange Protocol (IKE), and IKEv2 protocols, and also as Pseudo-Random Functions (PRFs) for IKE and IKEv2. Truncated output lengths are specified for the authentication-related variants, with the corresponding algorithms designated as HMAC-SHA-256-128, HMAC-SHA-384-192, and HMAC-SHA-512-256. The PRF variants are not truncated, and are called PRF-HMAC-SHA-256, PRF-HMAC-SHA-384, and PRF-HMAC-SHA-512.

Document History

IETF RFC 4868
May 1, 2007
Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec
This specification describes the use of Hashed Message Authentication Mode (HMAC) in conjunction with the SHA-256, SHA-384, and SHA-512 algorithms in IPsec. These algorithms may be used as the basis...

References

This document is referenced by:
IETF RFC 5991 - Teredo Security Updates
Published by IETF on September 1, 2010
Introduction Teredo [RFC4380] defines a set of flags that are embedded in every Teredo IPv6 address. This document specifies a set of security updates that modify the use of this flags field, but are...
This document is referenced by:
IETF RFC 6630 - EAP Re-authentication Protocol Extensions for Authenticated Anticipatory Keying (ERP/AAK)
Published by IETF on June 1, 2012
The Extensible Authentication Protocol (EAP) is a generic framework supporting multiple types of authentication methods. The EAP Re-authentication Protocol (ERP) specifies extensions to EAP and the...
This document is referenced by:
TS 124 301 - Universal Mobile Telecommunications System (UMTS); LTE; 5G; Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS); Stage 3
Published by ETSI on September 1, 2023
The present document specifies the procedures used by the protocols for mobility management and session management between User Equipment (UE) and Mobility Management Entity (MME) in the Evolved...
This document is referenced by:
TS 123 401 - LTE; General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access
Published by ETSI on January 1, 2024
The present document defines the Stage 2 service description for the Evolved 3GPP Packet Switched Domain - also known as the Evolved Packet System (EPS) in this document. The Evolved 3GPP Packet...
View Less
View All
Advertisement