UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 7321

Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 August 2014
Status: active
Page Count: 11
scope:

This document updates the Cryptographic Algorithm Implementation Requirements for the Encapsulating Security Payload (ESP) and Authentication Header (AH). It also adds usage guidance to help in the selection of these algorithms.

ESP and AH protocols make use of various cryptographic algorithms to provide confidentiality and/or data origin authentication to protected data communications in the IP Security (IPsec) architecture. To ensure interoperability between disparate implementations, the IPsec standard specifies a set of mandatory-toimplement algorithms. This document specifies the current set of mandatory-to-implement algorithms for ESP and AH, specifies algorithms that should be implemented because they may be promoted to mandatory at some future time, and also recommends against the implementation of some obsolete algorithms. Usage guidance is also provided to help the user of ESP and AH best achieve their security goals through appropriate choices of cryptographic algorithms.

Document History

IETF RFC 7321
August 1, 2014
Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)
This document updates the Cryptographic Algorithm Implementation Requirements for the Encapsulating Security Payload (ESP) and Authentication Header (AH). It also adds usage guidance to help in the...

References

This document references:
IETF RFC 4302 - IP Authentication Header
Published by IETF on December 1, 2005
A description is not available for this item.
This document references:
IETF RFC 4303 - IP Encapsulating Security Payload (ESP)
Published by IETF on December 1, 2005
A description is not available for this item.
This document references:
IETF RFC 2404 - The Use of HMAC-SHA-1-96 within ESP and AH
Published by IETF on November 1, 1998
This memo describes the use of the HMAC algorithm [RFC-2104] in conjunction with the SHA-1 algorithm [FIPS-180-1] as an authentication mechanism within the revised IPSEC Encapsulating Security...
This document references:
IETF RFC 2405 - The ESP DES-CBC Cipher Algorithm With Explicit IV
Published by IETF on November 1, 1998
This document describes the use of the DES Cipher algorithm in Cipher Block Chaining Mode, with an explicit IV, as a confidentiality mechanism within the context of the IPSec Encapsulating Security...
This document is referenced by:
IETF RFC 7552 - Updates to LDP for IPv6
Published by IETF on June 1, 2015
The Label Distribution Protocol (LDP) specification defines procedures to exchange label bindings over either IPv4 or IPv6 networks, or both. This document corrects and clarifies the LDP behavior...
This document is referenced by:
TS 133 210 - Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); LTE; 5G; Network Domain Security (NDS); IP network layer security
Published by ETSI on September 1, 2022
The present document defines the security architecture for network domain IP based control planes, which shall be applied to NDS/IP-networks (i.e. 3GPP and fixed broadband networks). The scope of...
This document is referenced by:
ITU-T X.1362 - Simple encryption procedure for Internet of things (IoT) environments
Published by ITU-T on March 1, 2017
This Recommendation provides an encryption procedure for the Internet of things device security. The procedure is intended to be applied to IoT environments, especially for IoT devices which have the...
This document is referenced by:
IETF RFC 8213 - Security of Messages Exchanged between Servers and Relay Agents
Published by IETF on August 1, 2017
The Dynamic Host Configuration Protocol for IPv4 (DHCPv4) has no guidance for how to secure messages exchanged between servers and relay agents. The Dynamic Host Configuration Protocol for IPv6...
This document is superseded by:
IETF RFC 8221 - Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)
Published by IETF on October 1, 2017
This document replaces RFC 7321, "Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)". The goal of this...
This document is superseded by:
IETF RFC 8221 - Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)
Published by IETF on October 1, 2017
This document replaces RFC 7321, "Cryptographic Algorithm Implementation Requirements and Usage Guidance for Encapsulating Security Payload (ESP) and Authentication Header (AH)". The goal of this...
View Less
View All
Advertisement