------_=_NextPart_000_01BE5ECD.CFEF1954
Content-Type: text/plain;
charset="iso-8859-1"
FYI,
Carl-Uno
-----Original Message-----
From: John Banes [mailto:jbanes@microsoft.com]
Sent: Saturday, February 20, 1999 8:24 PM
To: IETF Transport Layer Security WG
Subject: TLS 56-bit export cipher suites
This document describes several new cipher suites to be used with the
Transport Layer Security (TLS) protocol. Recent changes in US export
regulations permit the export of software programs using 56-bit data
encryption and 1024-bit key exchange. The cipher suites described in this
document take full advantage of these new regulations.
We are planning to include support for these cipher suites in the next
version of Windows.
Regards,
John Banes
Windows NT Security (schannel)
--- You are currently subscribed to ietf-tls as: [cmanros@cp10.es.xerox.coM] To unsubscribe, forward this message to leave-ietf-tls-641F@lists.consensus.com
------_=_NextPart_000_01BE5ECD.CFEF1954 Content-Type: text/plain; name="draft-ietf-tls-56-bit-ciphersuites-00.txt" Content-Disposition: attachment; filename="draft-ietf-tls-56-bit-ciphersuites-00.txt" Content-Location: ATT-0-72A60B26BCCAD211A2D000805F15CE85-d raft-ie.txt Content-Transfer-Encoding: quoted-printable
Transport Layer Security Working Group John = Banes INTERNET-DRAFT Richard = Harrington Expires July, 1999 Microsoft = Corporation January 15, = 1999
56-bit Export Cipher Suites For TLS draft-ietf-tls-56-bit-ciphersuites-00.txt
1. Status of this Memo
This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six = months and may be updated, replaced, or made obsolete by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as work in progress.
To learn the current status of any Internet-Draft, please check the 1id-abstracts.txt listing contained in the Internet Drafts Shadow Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim).
2. Introduction
This document describes several new cipher suites to be used with = the=20 Transport Layer Security (TLS) protocol. Recent changes in US = export regulations permit the export of software programs using 56-bit data encryption and 1024-bit key exchange. The cipher suites described = in this document take full advantage of these new regulations.
3. The CipherSuites
The following values define the CipherSuite codes used in the client hello and server hello messages.
The following CipherSuite definitions require that the server provide an RSA certificate that can be used for key exchange. The server may request either an RSA or a DSS signature-capable certificate in the certificate request message.
CipherSuite TLS_RSA_EXPORT56_WITH_RC4_56_MD5 =3D { 0x00,0x60 = }; CipherSuite TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 =3D { 0x00,0x61 = }; CipherSuite TLS_RSA_EXPORT56_WITH_DES_CBC_SHA =3D { 0x00,0x62 = };
Banes Expires July, 1999 [Page 1] =0CINTERNET-DRAFT 56-bit Export TLS January 15, = 1999
The following CipherSuite definitions are used for server-authenticated (and optionally client-authenticated) Diffie-Hellman. DHE denotes ephemeral Diffie-Hellman, where the Diffie-Hellman parameters are signed by a DSS certificate, which has been signed by the CA.=20
CipherSuite TLS_DHE_DSS_EXPORT56_WITH_DES_CBC_SHA =3D { 0x00,0x63 = };
4. CipherSuite definitions
CipherSuite Is Key Cipher = Hash Exportable Exchange
TLS_RSA_EXPORT56_WITH_RC4_56_MD5 * RSA_EXPORT56 RC4_56 MD5 TLS_RSA_EXPORT56_WITH_RC2_CBC_56_MD5 * RSA_EXPORT56 RC2_56 MD5 TLS_RSA_EXPORT56_WITH_DES_CBC_56_SHA * RSA_EXPORT56 RC2_56 SHA TLS_DHE_DSS_EXPORT56_WITH_DES_CBC_SHA * DHE_DSS_EXPORT56 DES_CBC SHA
* Indicates IsExportable is True
Key Exchange Algorithm Description Key size = limit =20 RSA_EXPORT56 RSA key exchange RSA =3D 1024 = bits DHE_DSS_EXPORT56 Ephemeral DH with DSS signatures DH =3D 1024 = bits
Key size limit The key size limit gives the size of the largest public key that can be legally used for encryption in cipher suites that are exportable.
Key Expanded Effective IV Block Cipher Type Material Key Material Key Bits Size Size =20 RC2_CBC_56 Block 7 16 56 8 8 RC4_56 Stream 7 16 56 0 N/A DES_CBC Block 8 8 56 8 8
5. Implementation Notes
When an RSA_EXPORT56 cipher suite is used, and the server's RSA key is larger than 1024 bits in length, then the server must send a server key exchange message to the client. This message is to contain a temporary RSA key, signed by the server. This temporary RSA key should be the maximum allowable length (i.e., 1024 bits).
Servers with a large RSA key will often maintain two temporary RSA
Banes Expires July, 1999 [Page 2] =0CINTERNET-DRAFT 56-bit Export TLS January 15, = 1999
keys: a 512-bit key used to support the RSA_EXPORT cipher suites, and a 1024-bit key used to support the RSA_EXPORT56 cipher suites.
When 56-bit DES keys are derived for an export cipher suite, the additional export key derivation step must be performed. That is, the final read and write DES keys are not taken directly from the key_block.
6. References
[TLS] T. Dierks, C. Allen, The TLS Protocol,=20 <draft-ietf-tls-protocol-06.txt>, November 1998.
7. Authors
John Banes Richard Harrington Microsoft Corp. Microsoft Corp. jbanes@microsoft.com richha@microsoft.com
Banes Expires July, 1999 [Page 3]
------_=_NextPart_000_01BE5ECD.CFEF1954--