idnits 2.17.00 (12 Aug 2021)

/tmp/idnits64017/draft-malpani-npka-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing document type: Expected "INTERNET-DRAFT" in the upper left hand
     corner of the first page

  == The page length should not exceed 58 lines per page, but there was 1
     longer page, the longest (page 1) being 208 lines

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** There are 5 instances of too long lines in the document, the longest one
     being 4 characters in excess of 72.

  ** There are 3 instances of lines with control characters in the document.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Unrecognized Status in 'Category: INTERNET-DRAFT', assuming Proposed
     Standard (Expected one of 'Standards Track', 'Full Standard', 'Draft
     Standard', 'Proposed Standard', 'Best Current Practice', 'Informational',
     'Experimental', 'Informational', 'Historic'.)
  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (April 2000) is 8071 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'RFC-2040' is mentioned on line 101, but not defined

  == Missing Reference: 'TBD' is mentioned on line 156, but not defined

  == Missing Reference: 'RFC2410' is mentioned on line 161, but not defined

  == Unused Reference: 'RFC-2410' is defined on line 165, but no explicit
     reference was found in the text

     Summary: 6 errors (**), 0 flaws (~~), 7 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1    Network Working Group                              A. Malpani (ValiCert)
2    Category: INTERNET-DRAFT                                    October 1999
3    Expires April 2000

5                    The NULL Public Key Algorithm (NPKA)
6

8    Status of this Memo

10      This document is an Internet-Draft and is in full conformance
11      with all provisions of Section 10 of RFC2026.

13      Internet-Drafts are working documents of the Internet Engineering
14      Task Force (IETF), its areas, and its working groups. Note that
15      other groups may also distribute working documents as
16      Internet-Drafts.

18      Internet-Drafts are draft documents valid for a maximum of six
19      months and may be updated, replaced, or obsoleted by other
20      documents at any time. It is inappropriate to use Internet-
21      Drafts as reference material or to cite them other than as
22      "work in progress."

24      The list of current Internet-Drafts can be accessed at
25      http://www.ietf.org/ietf/1id-abstracts.txt

27      The list of Internet-Draft Shadow Directories can be accessed at
28      http://www.ietf.org/shadow.html.

30      Comments on this draft should be sent to ietf-pkix@imc.org.

32   Copyright Notice

34      Copyright (C) The Internet Society (1998). All Rights Reserved.

36   Abstract

38      This memo defines the NULL public key algorithm. The original goal
39      of this effort was to be able to allow people to optionally sign
40      data, without needing to make the signature optional in the ASN.1.
41      While we were at it, we decided to, for completeness, also specify
42      the method for NULL public key encryption.

44   1. Introduction

46      This memo defines the NULL public key algorithm. It explains how the
47      NPKA NULL algorithm should be used both for digital signatures and
48      encryption/key exchange.

50      Despite the fact that we are not lawyers, we are relatively confident
51      that it is quite safe to use this algorithm for export for any key
52      length size. It is also quite impossible for people to discover your
53      private key via timing, power analysis or other cryptographic
54      methods, as long as you are only using this algorithm.

56   2. Algorithm Details

58   2.1 Algorithm Definition

60      In this section, we will show how NPKA can be used for both digital
61      signatures and key exchange.
        We use the following notation:

63      B represents the puBlic key
64      V represents the priVate key
65      C is the Clear text message
66      E is the Encrypted message
67      S is the Signing algorithm
68      G is the siGnature verification algorithm
69      Y is the key/data encrYption algorithm
70      D is the key/data decryption algorithm
71      F{x, y} is the function F on data elements x and y

73   2.1.1 Digital Signatures

75      This section shows how a private key is used to create a digital
76      signature and a public key used to verify the digital signature.

78      For signatures, the holder of the private key uses the message and
79      the private key to produce a digital signature, which can be verified
80      by anyone with the holder's public key.

82         S{C, V} => C
83         G{E, B} => E

85      Note: This satisfies the property required by all public key
86      signature algorithms - G{S{C, V}, B} => C

88   2.1.2 Encryption/Key Exchange

90      This section shows how a public key is used to encrypt data/keys
91      and a private key used to decrypt the data.

93         Y{C, B} => C
94         D{E, V} => E

96      Note: This satisfies the property required by all public key
97      encryption algorithms - D{Y{C, B}, V} => C

99   2.2 Keying Material

101     Like other modern ciphers, e.g., RC5 [RFC-2040], NPKA
102     can make use of keys of varying lengths. However, no
103     measurable increase in security is afforded by the use of longer key
104     lengths.

106  2.3 Padding

108     NULL has a block size of 1 byte, thus padding is not necessary.

110  2.4. Performance

112     The NULL encryption algorithm is significantly faster than other
113     commonly used symmetric encryption algorithms and implementations of
114     the base algorithm are available for all commonly used hardware and
115     OS platforms.

117  2.5 Test Vectors

119     [TBD]
120     We should also show what a cert with an NPKA signature looks like

122  3. Object Identifiers

124     [TBD]
125     We need to create the OIDs for sha1withNPKA, md4withNPKA, ...

127  4. Operational Requirements

129     [TBD]

131  5.
     Security Considerations

133     If you do implement this algorithm, please make sure that signatures
134     using that algorithm are only accepted in places where you do not need
135     signatures. Similarly, encryption with this algorithm is only performed
136     where you do not want encryption.

138  6. Algorithm properties

140     In this section, we try to outline the main properties of NPKA.

142     - Very, very high performance for both encryption and decryption,
143       for key exchange and signing.
144     - No export restrictions (for any key length).
145     - No risk of exposing your private key to any potential attacks.
146     - Short key sizes are as strong as keys twice as long.
147     - Small algorithm footprint - excellent for smart card support or other
148       low memory devices.
149     - Support for any sized key.
150     - Can easily be used in both a block or streaming mode.
151     - Great synchronization properties - loss of a single bit in transmission
152       results in only a single bit loss at the receiver (?)

154  7. Intellectual Property Rights

156     [TBD]

158  8. Acknowledgments

160     Spiritual and textual guidance for this document were provided by
161     [RFC2410].

163  9. References

165     [RFC-2410] Glenn, R., and Kent, S., "The NULL Encryption Algorithm and
166                Its Use With IPsec", RFC 2410, November 1998.

168  10. Editors' Addresses

170     Ambarish Malpani
171     ValiCert, Inc.
172     1215 Terra Bella,
173     Mountain View, CA 94043

175     EMail: ambarish@valicert.com
176     Phone: 650.567.5457

178  11. Full Copyright Statement

180     Copyright (C) The Internet Society (1998). All Rights Reserved.

182     This document and translations of it may be copied and furnished to
183     others, and derivative works that comment on or otherwise explain it
184     or assist in its implementation may be prepared, copied, published
185     and distributed, in whole or in part, without restriction of any
186     kind, provided that the above copyright notice and this paragraph are
187     included on all such copies and derivative works.
        However, this
188     document itself may not be modified in any way, such as by removing
189     the copyright notice or references to the Internet Society or other
190     Internet organizations, except as needed for the purpose of
191     developing Internet standards in which case the procedures for
192     copyrights defined in the Internet Standards process must be
193     followed, or as required to translate it into languages other than
194     English.

196     The limited permissions granted above are perpetual and will not be
197     revoked by the Internet Society or its successors or assigns.

199     This document and the information contained herein is provided on an
200     "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
201     TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
202     BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
203     HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
204     MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

206  Expires April 2000