Proposal for a new block cipher Algorithm in Additional URIs

Dear Donald Eastlake and W3C/IETF XML Digital Signature WG.

 

The document "XML Encryption Syntax and Processing" specifies only Triple
DES and AES as block encryption algorithms. And the document of additional XML
URIs currently includes Camellia as an OPTIONAL block encryption algorithm.

 

We are looking forward to adding the SEED algorithm to the OPTIONAL encryption
algorithms in RFC 4051, like CAMELLIA, and so on.

 

SEED is a national standard encryption algorithm in the Republic of Korea
[TTASSEED] and is designed to use S-boxes and permutations that balance
with current computing technology. It has a Feistel structure with 16
rounds and is strong against DC (Differential Cryptanalysis), LC (Linear
Cryptanalysis), and related-key attacks, balanced with a security/efficiency
trade-off.

 

SEED (RFC 4269) is included in SSL/TLS, IPsec and S/MIME (RFC 4010, 4162, and
4196 respectively) and ISO/IEC 18033-3.

 

Korean Standard

o TTAS.KO-12.0004 : 128-bit Symmetric Block Cipher(SEED)

 

International Standard

o ISO/IEC 18033-3 : Information technology - Security techniques -
Encryption algorithms - Part 3 : Block ciphers 

o IETF RFC 4269 : The SEED Encryption Algorithm 

o IETF RFC 4010 : Use of the SEED Encryption Algorithm in Cryptographic
Message Syntax (CMS)

o IETF RFC 4162 : Addition of SEED Cipher Suites to Transport Layer
Security (TLS) 

o IETF RFC 4196 : The SEED Cipher Algorithm and Its Use with IPsec

 

SEED has been widely used in the Republic of Korea for confidential
services such as electronic commerce.

(e.g., financial services provided in wired and wireless communication.)

 

SEED's namespace in the Additional URIs is
"http://www.w3.org/2007/05/xmldsig-more#seed128-cbc".

 

We propose to add the following sentence to section 2.6.4 of RFC 4051

 

--------------------------------------------------------------------------------------

 2.6.4 SEED Block Encryption

    Identifiers:

         http://www.w3.org/2007/05/xmldsig-more#seed128-cbc

    SEED [RFC 4269] is an efficient and secure block cipher with a 128-bit
    block size and a 128-bit key size. In XML Encryption, SEED is used in
    the Cipher Block Chaining (CBC) mode with a 128-bit initialization
    vector (IV). The resulting cipher text is prefixed by the IV. If
    included in XML output, it is then base64 encoded. An example SEED
    EncryptionMethod is as follows:

    <EncryptionMethod
       Algorithm=
       "http://www.w3.org/2007/05/xmldsig-more#seed128-cbc"
    />

--------------------------------------------------------------------------------------

 

Best regards,

 

Hwanjin Lee

 

============================

Korea Information Security Agency

 IT Infrastructure Protection Division 
 Applied Cryptography Technology Team 

 Researcher

 

              HwanJin  Lee



 TEL:+82-2-405-5454 | FAX +82-2-405-5219
 E-mail : lhj79@kisa.or.kr

============================

 

Received on Thursday, 17 January 2008 07:28:10 UTC
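
The framing described in the proposed section 2.6.4 text (the IV prefixed to the CBC cipher text, then base64 encoded), as an added example that is not part of the original message: a receiver-side check that the algorithm URI is exactly the SEED one and that the decoded value splits into a 128-bit IV plus whole 128-bit blocks. The enclosing EncryptedData/CipherData/CipherValue elements and the xmlenc namespace are assumed from XML Encryption rather than taken from this message, the function names are hypothetical, and the sample bytes are constructed, not real SEED output.

```python
import base64
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"  # XML Encryption namespace (assumed wrapper)
SEED_CBC = "http://www.w3.org/2007/05/xmldsig-more#seed128-cbc"  # URI from the proposal
BLOCK = 16  # 128-bit SEED block, which is also the CBC IV length

# Constructed sample bytes: not real SEED output.
SAMPLE_IV = bytes(range(BLOCK))
SAMPLE_CT = b"\xaa" * (2 * BLOCK)


def build_sample(algorithm=SEED_CBC, payload=SAMPLE_IV + SAMPLE_CT):
    """Build a constructed EncryptedData document carrying IV || ciphertext."""
    b64 = base64.b64encode(payload).decode("ascii")
    return (
        f'<EncryptedData xmlns="{XENC}">'
        f'<EncryptionMethod Algorithm="{algorithm}"/>'
        f"<CipherData><CipherValue>{b64}</CipherValue></CipherData>"
        "</EncryptedData>"
    )


def split_seed_cbc(encrypted_data_xml):
    """Return (iv, ciphertext) after checking the algorithm URI and framing."""
    root = ET.fromstring(encrypted_data_xml)
    method = root.find(f"{{{XENC}}}EncryptionMethod")
    # Compare the URI exactly: never fall back to a default cipher.
    if method is None or method.get("Algorithm") != SEED_CBC:
        raise ValueError("EncryptionMethod is not seed128-cbc")
    value = root.find(f"{{{XENC}}}CipherData/{{{XENC}}}CipherValue")
    if value is None or not value.text:
        raise ValueError("CipherValue is missing or empty")
    # Base64 in XML may be line-wrapped; strip whitespace, then decode strictly.
    raw = base64.b64decode("".join(value.text.split()), validate=True)
    # One IV block plus at least one ciphertext block, all block-aligned.
    if len(raw) < 2 * BLOCK or len(raw) % BLOCK:
        raise ValueError("payload is not IV plus whole 128-bit blocks")
    return raw[:BLOCK], raw[BLOCK:]


if __name__ == "__main__":
    iv, ct = split_seed_cbc(build_sample())
    print(iv.hex(), len(ct))
```

Rejecting a misframed value before any key is touched keeps malformed input away from the decryption routine; CBC itself gives no integrity protection, so this check is not a substitute for authenticating the cipher text.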