Document: draft-seokung-msec-mikey-seed-03 Reviewer: Spencer Dawkins IETF LC End Date: 2009-08-07 Review Date: 2009-08-03 IESG Telechat date: (not known) Summary: This document is almost ready for publication as an Informational RFC. I have some questions (marked as "Spencer (minor):") that would be nits if they weren't in the Security Considerations section. Addition of the new values to use the SEED Cipher Algorithm in the Multimedia Internet KEYing (MIKEY) Spencer (clarity): I would suggest a possible title change to something like "IANA Registry Update for SEED Cipher Algorithm Support in "Multimedia Internet KEYing (MIKEY)" - it wasn't clear that this was an IANA request until I was about halfway through the draft. Please check this with your document shepherd, before submitting an update with a new title! Abstract This document proposes the addition of new values to use the SEED block cipher algorithm for the Secure Real-time Transport Protocol (SRTP) and the secure Real-time Transport Control Protocol (SRTCP) in Multimedia Internet KEYing (MIKEY). Spencer (clarity): I would suggest something like s/This document proposes the addition of new values to use/This document updates IANA registries to support/, both here and in the Introduction (same paragraph, with references added, so same comment). 1. Introduction This document proposes the addition of new values to use the SEED [RFC4269] block cipher algorithm for the Secure Real-time Transport Protocol (SRTP) and the Secure Real-time Transport Control Protocol (SRTCP) [RFC3711] in Multimedia Internet KEYing (MIKEY) [RFC3830]. 1.1. SEED SEED is a Korean National Industrial Association standard and is widely used in South Korea for electronic commerce and various security products such as firewall, VPN, and so on. Spencer (clarity): I think the following paragraph should be the first paragraph in this section (the previous paragraph is fine, but the following paragraph is the most helpful to the reader). SEED is a 128-bit symmetric key block cipher that has been developed by KISA (Korea Information Security Agency) and a group of experts since 1998. The input/output block size of SEED is 128-bit and the key length is also 128-bit. SEED has a 16-round Feistel structure. 2.1. Modified Table 6.10.1.b from [RFC3830] For the Encryption algorithm, a one byte length is enough. The Spencer (clarity): I'm not sure what you mean by "a one byte length is enough" - is this saying that space is available in the registry table? Or something else? I have the same comment about the same text in section 2.2. currently defined possible values are: SRTP encr alg | Value --------------------- NULL | 0 AES-CM | 1 AES-F8 | 2 SEED-CTR | 3 (NEW) SEED-CCM | 4 (NEW) SEED-GCM | 5 (NEW) Figure 1: Table 6.10.1.b from [RFC3830] (Revised) 2.2. Modified Table 6.10.1.d from [RFC3830] For the SRTP pseudo-random function, a one byte length is also enough. The currently defined possible values are: SRTP PRF | Value --------------------- AES-CM | 0 SEED-CTR | 1 (NEW) Figure 2: Table 6.10.1.d from [RFC3830] (Revised) 3. Security Considerations No security problem has been found on SEED. SEED is secure against all known attacks including Differential cryptanalysis, linear Spencer (minor): I would suggest dropping the first sentence. cryptanalysis, and related key attacks. The best known attack is only Spencer (minor): should this be "The only known attack is an exhaustive search for the key"? an exhaustive search for the key. For further security considerations, the reader is encouraged to read [SEED-EVAL].