Using GOST Ciphers in the Encapsulating Security Payload and Internet Key Exchange Version 2 Protocols
RFC 9227, “Using GOST Ciphers in the Encapsulating Security Payload and Internet Key Exchange Version 2 Protocols”, is an Informational document published in March 2022 by V. Smyslov. The canonical text is published by the RFC Editor.
Abstract
This document defines a set of encryption transforms for use in the Encapsulating Security Payload (ESP) and in the Internet Key Exchange version 2 (IKEv2) protocols, which are parts of the IP Security (IPsec) protocol suite. The transforms are based on the GOST R 34.12-2015 block ciphers (which are named "Magma" and "Kuznyechik") in Multilinear Galois Mode (MGM) and the external rekeying approach.
This specification was developed to facilitate implementations that wish to support the GOST algorithms. This document does not imply IETF endorsement of the cryptographic algorithms used in this document.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 9227 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9226 Bioctal: Hexadecimal 2.0
- RFC 9228 Delivered-To Email Header Field
- RFC 9225 Software Defects Considered Harmful
- RFC 9229 IPv4 Routes with an IPv6 Next Hop in the Babel Routing Protocol
- RFC 9224 Finding the Authoritative Registration Data Access Protocol Service
- RFC 9230 Oblivious DNS over HTTPS
- RFC 9223 Real-Time Transport Object Delivery over Unidirectional Transport
- RFC 9231 Additional XML Security Uniform Resource Identifiers