One document matched: draft-jones-jose-aes-gcm-key-wrap-00.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<?xml-stylesheet type='text/xsl' href='http://xml.resource.org/authoring/rfc2629.xslt' ?>
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="4"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc category="std" ipr="trust200902" docName="draft-jones-jose-aes-gcm-key-wrap-00">
<front>
<title>Key Wrapping with AES GCM for JWE</title>
<author fullname="Michael B. Jones" initials="M.B." surname="Jones">
<organization>Microsoft</organization>
<address>
<email>mbj@microsoft.com</email>
<uri>http://self-issued.info/</uri>
</address>
</author>
<date day="13" month="June" year="2013" />
<area>Security</area>
<workgroup>JOSE Working Group</workgroup>
<keyword>RFC</keyword>
<keyword>Request for Comments</keyword>
<keyword>I-D</keyword>
<keyword>Internet-Draft</keyword>
<keyword>JavaScript Object Notation</keyword>
<keyword>JSON</keyword>
<keyword>JSON Web Encryption</keyword>
<keyword>JWE</keyword>
<keyword>JSON Web Algorithms</keyword>
<keyword>JWA</keyword>
<abstract>
<t>
This specification defines how to encrypt (wrap) keys with the
AES GCM algorithm for JSON Web Encryption (JWE) objects.
</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>
This specification defines how to encrypt (wrap) keys with the
AES GCM algorithm <xref target="AES"/> <xref target="NIST.800-38D"/>
for JSON Web Encryption (JWE) <xref target="JWE"/>
objects.
</t>
<section title='Notational Conventions'>
<t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL",
"SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" in this document are to be interpreted as
described in
Key words for use in RFCs to Indicate Requirement Levels <xref target='RFC2119' />.
</t>
</section>
</section>
<section title="Terminology">
<t>
This specification uses the same terminology as the
JSON Web Encryption (JWE) <xref target="JWE"/> and
JSON Web Algorithms (JWA) <xref target="JWA"/>
specifications.
</t>
</section>
<section title="Key Encryption with AES GCM" anchor="KeyEncryptionGCM">
<t>
This section defines the specifics of encrypting a
JWE Content Encryption Key (CEK) with
Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM)
<xref target="AES"/> <xref target="NIST.800-38D"/>
using 128 or 256 bit keys.
The <spanx style="verb">alg</spanx> header parameter values
<spanx style="verb">A128GCMKW</spanx> or <spanx style="verb">A256GCMKW</spanx>
are respectively used in this case.
</t>
<t>
Use of an Initialization Vector of size 96 bits is
REQUIRED with this algorithm.
</t>
<t>
The Additional Authenticated Data value used is
the empty octet string.
</t>
<t>
The requested size of the Authentication Tag output MUST be
128 bits, regardless of the key size.
</t>
<t>
Let JWE Encrypted Key value be the concatenation of
the Initialization Vector value,
the Ciphertext output,
and the Authentication Tag output.
</t>
<t>
During key decryption, the JWE Encrypted Key value is split into
three inputs to the AES GCM decryption algorithm:
the first 96 bits are the Initialization Vector value,
the last 128 bits are the Authentication Tag value,
and the remaining bits in between are the Ciphertext value.
</t>
</section>
<section title="IANA Considerations" anchor="IANA">
<section title="JSON Web Signature and Encryption Algorithms Registration">
<t>
This specification registers the algorithms defined in
<xref target="KeyEncryptionGCM"/> in the
JSON Web Signature and Encryption Algorithms registry <xref target="JWA"/>.
</t>
<section title='Registry Contents'>
<t> <?rfc subcompact="yes"?>
<list style='symbols'>
<t>
Algorithm Name: <spanx style="verb">A128GCMKW</spanx>
</t>
<t>
Algorithm Usage Location(s): <spanx style="verb">alg</spanx>
</t>
<t>
Implementation Requirements: OPTIONAL
</t>
<t>
Change Controller: IETF
</t>
<t>
Specification Document(s): <xref target="KeyEncryptionGCM" /> of [[ this document ]]
</t>
</list>
</t>
<t>
<list style='symbols'>
<t>
Algorithm Name: <spanx style="verb">A256GCMKW</spanx>
</t>
<t>
Algorithm Usage Location(s): <spanx style="verb">alg</spanx>
</t>
<t>
Implementation Requirements: OPTIONAL
</t>
<t>
Change Controller: IETF
</t>
<t>
Specification Document(s): <xref target="KeyEncryptionGCM" /> of [[ this document ]]
</t>
</list>
</t>
</section>
<?rfc subcompact="no"?>
</section>
</section>
<section title="Security Considerations" anchor="Security">
<t>
The security considerations in
<xref target="AES"/> and <xref target="NIST.800-38D"/>
also apply to this specification.
</t>
</section>
</middle>
<back>
<references title="Normative References">
<?rfc include='http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml' ?>
<reference anchor="JWE">
<front>
<title>JSON Web Encryption (JWE)</title>
<author fullname="Michael B. Jones" initials="M.B." surname="Jones">
<organization>Microsoft</organization>
<address>
<email>mbj@microsoft.com</email>
<uri>http://self-issued.info/</uri>
</address>
</author>
<author fullname="Eric Rescorla" initials="E." surname="Rescorla">
<organization abbrev="RTFM">RTFM, Inc.</organization>
<address>
<email>ekr@rtfm.com</email>
</address>
</author>
<author fullname="Joe Hildebrand" initials="J." surname="Hildebrand">
<organization abbrev="Cisco">Cisco Systems, Inc.</organization>
<address>
<email>jhildebr@cisco.com</email>
</address>
</author>
<date day="28" month="May" year="2013" />
</front>
<seriesInfo value="draft-ietf-jose-json-web-encryption" name="Internet-Draft"/>
<format target="http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption" type="HTML" />
</reference>
<reference anchor="JWA">
<front>
<title>JSON Web Algorithms (JWA)</title>
<author fullname="Michael B. Jones" initials="M.B." surname="Jones">
<organization>Microsoft</organization>
<address>
<email>mbj@microsoft.com</email>
<uri>http://self-issued.info/</uri>
</address>
</author>
<date day="28" month="May" year="2013" />
</front>
<seriesInfo value="draft-ietf-jose-json-web-algorithms" name="Internet-Draft"/>
<format target="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms" type="HTML"/>
</reference>
<reference anchor="AES">
<front>
<title>Advanced Encryption Standard (AES)</title>
<author>
<organization>National Institute of Standards and Technology (NIST)
</organization>
</author>
<date month="November" year="2001" />
</front>
<seriesInfo name="FIPS" value="PUB 197" />
<format target="http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf" type="PDF" />
</reference>
<reference anchor="NIST.800-38D">
<front>
<title>Recommendation for Block Cipher Modes of Operation:
Galois/Counter Mode (GCM) and GMAC</title>
<author>
<organization>National Institute of Standards and Technology (NIST)
</organization>
</author>
<date month="December" year="2001" />
</front>
<seriesInfo name="NIST" value="PUB 800-38D" />
<format target="http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf" type="PDF" />
</reference>
</references>
<section title='Document History'>
<t>
[[ to be removed by the RFC editor before publication as an RFC ]]
</t>
<t>
-00
<list style='symbols'>
<t>
Created draft-jones-jose-aes-gcm-key-wrap.
</t>
</list>
</t>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-24 01:42:22 |