kiyomoto-kcipher2-tls-01.txt

Internet DRAFT - draft-kiyomoto-kcipher2-tls
draft-kiyomoto-kcipher2-tls

Last Version:	draft-kiyomoto-kcipher2-tls-01.txt	Tracker Entry
Date:	`01-Oct-2011`
Disposition:	expired
Previous Versions:	draft-kiyomoto-kcipher2-tls-00.txt (diff) - 01-Apr-2011

Internet Draft                                              S. Kiyomoto
Intended status: Standard                                       W. Shin
Expires: March 2012                         KDDI R&D Laboratories, Inc.
                                                      Septmber 30, 2011



               Use of KCipher-2 in Transport Layer Security
                    draft-kiyomoto-kcipher2-tls-01.txt


Abstract

   This document offers a set of new cipher suit specifications to
   support KCipher-2 encryption in the Transport Layer Security protocol.
   KCipher-2 is a stream cipher with a 128-bit key and a 128-bit
   initialization vector, which provides fast, efficient encryption and
   decryption.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79. This document may not be modified,
   and derivative works of it may not be created, and it may not be
   published except as an Internet-Draft.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on March 30, 2012.  

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents




Kiyomoto & Shin        Expires September 30, 2012              [Page 1]

Internet-Draft          Use of KCipher-2 in TLS          September 2011


   carefully, as they describe your rights and restrictions with respect
   to this document.

1. Introduction

   Cryptographic operations used in TLS can be categorized in five ways:
   digital signing, stream cipher encryption, block cipher encryption,
   authenticated encryption with additional data encryption, and public
   key encryption [TLS]. This document defines the cipher suites to use
   KCipher-2 for stream cipher encryption in TLS. KCipher-2 is a fast,
   secure stream cipher algorithm [KCipher2].

1.1. KCipher2

   KCipher-2 is a stream cipher algorithm with a 128-bit key and a 128-
   bit initialization vector (IV). The algorithm and other properties
   are described in [SECRYPT]. KCipher-2 has been evaluated by the
   cryptographic technique evaluation project for the Japanese e-
   Government [CRYPTEC]. KCipher-2 also has been submitted to another
   international standardization body [ISO18033].

1.2. Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

2. Cipher Suites Values

   The following are proposed identifiers and values for the cipher
   suites of TLS.

   CipherSuite TLS_RSA_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DH_DSS_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DH_RSA_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DHE_DSS_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DHE_RSA_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DH_anon_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };


3. Cipher Suite Definitions

3.1. Key Exchange

   The RSA, DH_DSS, DH_RSA, DHE_DSS, DHE_RSA, and DH_anon key exchanges
   are executed as defined in [TLS].



Kiyomoto & Shin        Expires March 30, 2012                  [Page 2]

Internet-Draft          Use of KCipher-2 in TLS          September 2011


3.2. Cipher

   The KCIPHER2_128 cipher suites use KCipher-2 with a 128-bit key and a
   128-bit initialization vector.

3.3. Hash and Pseudorandom Function

   For the cipher suites in this document, HMAC [HMAC] based on SHA-256
   is used for message integrity, and TLS PRF [TLS] with SHA-256 is used
   as the pseudorandom function.

4. Security Considerations

   As of the time this document was written, we are not aware of any
   attack on KCipher-2. No security vulnerabilities have been identified
   in the security evaluations by the KCipher-2 developers and other
   independent institutions [SECRYPT], [CRYPTEC10], [KDDI].

5. IANA Considerations

   IANA is requested to allocate the following numbers in the TLS Cipher
   Suite Registry:

   CipherSuite TLS_RSA_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DH_DSS_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DH_RSA_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DHE_DSS_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DHE_RSA_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };
   CipherSuite TLS_DH_anon_WITH_KCIPHER2_128_SHA_256 = { TBD, TBD };


6. References

6.1. Normative References

   [TLS] Dierks, T. and E. Rescorla, "The Transport Layer Security (TLS)
             Protocol Version 1.2", RFC 5246, August 2008.

6.2. Informative References

   [KCipher2] S. Kiyomoto and W. Shin, "A Description of KCipher-2
             Encryption Algorithm".
             http://www.ietf.org/id/draft-kiyomoto-kcipher2-00.txt






Kiyomoto & Shin        Expires March 30, 2012                  [Page 3]

Internet-Draft          Use of KCipher-2 in TLS          September 2011


   [SECRYPT]  S. Kiyomoto, T. Tanaka and K. Sakurai, "K2: A Stream
             Cipher Algorithm Using Dynamic Feedback Control",
             International Conference on Security and Cryptography
             (SECRYPT), pp.204-213, 2007.

   [ISO18033] "Information technology - Security techniques - Encryption
             algorithms - Part 4: Stream ciphers", ISO/IEC JTC 1/SC
             27/WG 2, 2011.

   [CRYPTEC10] A. Bogdanov, B. Preneel, and V. Rijmen, "Security
             Evaluation of the K2 Stream Cipher", 2010.
             http://www.cryptrec.go.jp/english/estimation.html

   [CRYPTEC] Cryptography Research and Evaluation Committees.
             http://www.cryptrec.go.jp/english/

   [KDDI] B. Roy, "Evaluation of the Word-Oriented Stream Cipher: K2",
             2009.
             http://www.kddilabs.jp/kcipher2/kcipher2.htm

   [HMAC] H. Kwarczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing
             for Message Authentication", RFC 2104, February 1997.

Authors' Addresses

   Shinsaku Kiyomoto
   KDDI R&D Laboratories, Inc.
   2-1-15 Ohara, Fujimino-shi,
   Saitama 356-8502, Japan.

   Phone: +81-49-278-7885
   Fax: +81-49-278-7510
   Email: kiyomoto@kddilabs.jp


   Wook Shin
   KDDI R&D Laboratories, Inc.
   2-1-15 Ohara, Fujimino-shi,
   Saitama 356-8502, Japan.

   Email: ohpato@hanmail.net








Kiyomoto & Shin        Expires March 30, 2012                  [Page 4]