rfc1827.txt

RFC文档

使用者需要明白此规格提供的安全品质完全依赖于所采用的加密算法的强度和实现时的正确性，以及密钥管理机制的安全性和它实现时的安全性，还依赖于密钥自身的强度以及在所有相关系统中ESP 和IP实施的正确性。

如果这些假定的条件有一些不满足，就不会有真正的安全可言。在IP 封装安全有效载荷中推荐使用高可靠性的的开发技术。

如果用户想在受到流量分析时保护数据，他可能用到一个恰当的链接加密方法。链接加密的描述和规格不在此篇文章的论述范围之内。

即使不使用面向用户的密钥，当前使用的算法对于所有的选择明文攻击方法来说都应该是牢固的。对DES的选择明文攻击在[BS93]和[Mat94]中被描述。面向用户的密钥的被推荐使用，因为它可以排除各种选择明文攻击并且使解密更困难。就像在IP Security Architecture[AtK95a]描述的那样，在实现的时候应该使用面向用户的密钥。



承谢
此文档极大的受益于Bill Simpson,Perry Metzger ,Phil Karn做的工作，他们将SIP,SIPP,IPv6 的作者最初定义的方法普遍化。

本文的许多概念源于美国政府的SP3安全协议规格，ISO/IEC的NLSP规格，以及提议中的swIPe安全协议[SDNS89,ISO92a,IB93,IBK93,ISO92b]或是受到它们的影响。用于保密的DES的使用在论述SNMPv2的文章中已经被严整的建模[GM93]。Steve Deering,Dave Michelcic,Hilarie Orman提供了对此篇备忘录早期版本的可靠的评论。


参考文献

[Atk95a] Atkinson, R., "Security Architecture for the Internet
            Protocol", RFC 1825, NRL, August 1995.

   [Atk95b] Atkinson, R., "IP Authentication Header", RFC 1826, NRL,
            August 1995.

   [Bel89]  Steven M. Bellovin, "Security Problems in the TCP/IP
            Protocol Suite", ACM Computer Communications Review, Vol. 19,
            No. 2, March 1989.

   [Bel95]  Steven M. Bellovin, Presentation at IP Security Working
            Group Meeting, Proceedings of the 32nd Internet Engineering
            Task Force, March 1995, Internet Engineering Task Force,
            Danvers, MA.

   [BS93]   Eli Biham and Adi Shamir, "Differential Cryptanalysis of the
            Data Encryption Standard", Springer-Verlag, New York, NY,
            1993.

   [CN94]   John M. Carroll & Sri Nudiati, "On Weak Keys and Weak Data:
            Foiling the Two Nemeses", Cryptologia, Vol. 18, No. 23,
            July 1994. pp. 253-280

   [CERT95] Computer Emergency Response Team (CERT), "IP Spoofing Attacks
            and Hijacked Terminal Connections", CA-95:01, January 1995.
            Available via anonymous ftp from info.cert.org.

   [DIA]    US Defense Intelligence Agency (DIA), "Compartmented Mode
            Workstation Specification", Technical Report
            DDS-2600-6243-87.

   [GM93]   Galvin J., and K. McCloghrie, "Security Protocols for
            version 2 of the Simple Network Management Protocol
            (SNMPv2)", RFC 1446, Trusted Information Systems, Hughes LAN
            Systems, April 1993.

   [Hin94]  Bob Hinden (Editor), Internet Protocol version 6 (IPv6)
            Specification, Work in Progress, October 1994.

   [IB93]   John Ioannidis & Matt Blaze, "Architecture and Implementation
            of Network-layer Security Under Unix", Proceedings of the USENIX
            Security Symposium, Santa Clara, CA, October 1993.

   [IBK93]  John Ioannidis, Matt Blaze, & Phil Karn, "swIPe:
            Network-Layer Security for IP", presentation at the Spring
            1993 IETF Meeting, Columbus, Ohio.

   [ISO92a] ISO/IEC JTC1/SC6, Network Layer Security Protocol, ISO-IEC
            DIS 11577, International Standards Organisation, Geneva,
            Switzerland, 29 November 1992.

   [ISO92b] ISO/IEC JTC1/SC6, Network Layer Security Protocol, ISO-IEC
            DIS 11577, Section 13.4.1, page 33, International Standards
            Organisation, Geneva, Switzerland, 29 November 1992.

   [Ken91]  Kent, S., "US DoD Security Options for the Internet
            Protocol", RFC 1108, BBN Communications, November 1991.

   [KMS95]  Karn, P., Metzger, P., and W. Simpson, "The ESP DES-CBC
            Transform", RFC 1829, Qualcomm, Inc., Piermont, Daydreamer,
            August 1995.

   [Mat94]  Matsui, M., "Linear Cryptanalysis method for DES Cipher",
            Proceedings of Eurocrypt '93, Berlin, Springer-Verlag, 1994.

   [NIST77] US National Bureau of Standards, "Data Encryption Standard",
            Federal Information Processing Standard (FIPS) Publication
            46, January 1977.

   [NIST80] US National Bureau of Standards, "DES Modes of Operation"
            Federal Information Processing Standard (FIPS) Publication
            81, December 1980.

   [NIST81] US National Bureau of Standards, "Guidelines for Implementing
            and Using the Data Encryption Standard", Federal Information
            Processing Standard (FIPS) Publication 74, April 1981.

   [NIST88] US National Bureau of Standards, "Data Encryption Standard",
            Federal Information Processing Standard (FIPS) Publication
            46-1, January 1988.

   [STD-2]  Reynolds, J., and J. Postel, "Assigned Numbers", STD 2,
            RFC 1700, USC/Information Sciences Institute, October 1994.

   [Sch94]  Bruce Schneier, Applied Cryptography, John Wiley & Sons,
            New York, NY, 1994.  ISBN 0-471-59756-2

   [SDNS89] SDNS Secure Data Network System, Security Protocol 3, SP3,
            Document SDN.301, Revision 1.5, 15 May 1989, as published
            in NIST Publication NIST-IR-90-4250, February 1990.


作者声明

本文的观点和规格代表作者本人，海军研究实验室还没有对本文的价值（如果有的话）作出判断。本文作者以及作者的雇主对于由于正确或者错误的实施使用此规格而引起的问题不负任何责任。

作者地址
  
  Randall Atkinson
   Information Technology Division
   Naval Research Laboratory
   Washington, DC 20375-5320
   USA

   Phone:  (202) 404-7090
   Fax:    (202) 404-7942
   EMail:  atkinson@itd.nrl.navy.mil