iSCSI IPsec-Related Algorithm Proposal

["Herbert, Howard C" <howard.c.herbert@intel.com>]

David:

Progress on completing the iSCSI draft RFCs is extending past the
development deadlines necessary to allow 2002 product teams to complete
their designs.  One open issue relates to selecting the specific IPsec ESP
integrity (mandatory to implement) and confidentiality (optional to
implement) algorithms for use with iSCSI.  Members of the working group have
been focused until now on algorithms that would scale to 10 Gbit/sec.  Even
though progress has been made at identifying promising candidate algorithms
(AES-based PMAC Mode for integrity and AES-based Counter Mode for
confidentiality - see http://csrc.nist.gov/encryption/modes/), this work
will not be completed in time for inclusion in 2002 products.

As a result, I would like to propose to the iSCSI Working Group a two-phase
strategy for selecting the specific IPsec ESP integrity and confidentiality
algorithms for use with iSCSI.  Since almost all 2002 products will be using
1 Gbit/sec interfaces, phase one products would standardize on already
approved IPsec ESP algorithms that can be scaled to 1 Gbit/sec and phase two
products (i.e., 2003) would standardize on algorithms that can be scaled to
10 Gbit/sec.

Specifically, phase one products would use AES CBC MAC mode as the integrity
algorithm and AES CBC mode as the confidentiality algorithm.  This proposal
means vendors only have to implement a single base-algorithm with slight
mode variations in order to have a complete 1 Gbit solution (integrity and
confidentiality).  Adopting AES in phase one also establishes a foundation
upon which to build phase two solutions (different modes of operation on the
same base algorithm).

While this proposal only addresses a small part of the total "iSCSI
security" problem.  It would allow silicon vendors to finalize a critical
part of their 2002 designs.
 
Thanks

Howard C. Herbert

Product Architect
Intel Corporation
LAN Access Division
Phone: 480-554-3116