Internet Engineering Task Force P.Qu Internet Draft Z.Li Intended status: Experimental J.Chen Expires: August 27 2023 X.Fan China Academy of Information and Communications Technology February 26, 2023 ShangMi (SM) cryptographic algorithms for DNS Zone Transfers (TSIG) draft-qu-identifier-sm3-for-tsig-00 Abstract This document describes how to use a newly added message digest algorithm "SM3" in the TSIG protocol. It can be used to calculate the digest for the TSIG key by using a hash function. This document details the supplementation of the SM3 algorithm in TSIG. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire on August 27, 2023. Copyright Notice Copyright (c) 2023 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of Expires August 27, 2023 [Page 1] Internet-Draft sm for tsig February 2023 publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction..................................................2 1.1. The SM3 Algorithm........................................2 1.2. Terminology..............................................2 2. Algorithm Identifiers.........................................3 3. SM3 Algorithm application.....................................3 3.1. Secret Key in TSIG.......................................3 3.2. TSIG Calculation.........................................3 3.3. Algorithm Process........................................3 4. IANA Consideration............................................4 5. Security Considerations.......................................4 6. References....................................................4 6.1. Normative References.....................................4 6.2. Informative References...................................5 7. Acknowledgments ........................................... ..5 1. Introduction This document describes a newly added message digest algorithm "SM3" in the SecretKey Transaction Authentication for DNS(TSIG) protocol. It can be used to calculate the digest for the TSIG key by using a hash function. This document details the supplementation of the SM3 algorithm in TSIG. 1.1. The SM3 Algorithm This document describes the SM3 algorithm for supplementing the existing TSIG protocol by generating output through a hash function to compute digests on TSIG keys. SM3 has already been accepted by ISO in ISO/IEC 10118-3:2018 [ISO-SM3] and has also been described in detailin[GBT.32905-2016]. The SM3 cryptographic digest algorithm, as the commercial cryptographic hash algorithm standard announced by the State Cryptography Administration of China in 2010, is capable of digital signature and verification in commercial cryptographic applications. It is an improved algorithm based on SHA-256. 1.2. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and Expires August 27, 2023 [Page 2] Internet-Draft sm for tsig February 2023 "OPTIONAL" in this document are to be interpreted as described in [RFC2119] and [ISO-SM3] when, and only when, they appear in all capitals,as shown here. 2.Algorithm Identifiers TSIG_SM3={0xC6}; The algorithm defined here has the following identifiers: 3. SM3 Algorithm application The following is a description of how to use the SM3 algorithm in TSIG. 3.1. Secret Key in TSIG The authentication mechanism proposed in TSIG [RFC8945] uses shared secret keys to establish a trust relationship between two entities. Such keys must be protected in a fashion similar to private keys, lest a third party masquerade as one of the intended parties (forge MACs). 3.2. TSIG Calculation The only message digest algorithm specified in TSIG [RFC8945] is "HMAC-MD5" (see [RFC1321], [RFC2104]). The "HMAC-MD5" algorithm mustbeimplementedforinteroperability. Other algorithms, such as SM3, can be specified. Names and definitions of new algorithms MUST be registered with IANA. All multioctet integers in the TSIG record are sent in network byte order(see[RFC10352.3.2]). 3.3. Algorithm Process The SM3 algorithm is improved on the basis of SHA-256. The essence of the algorithm is to generate a fixed-length hash value after filling and iteratively compressing the data of any length. The length of the message group is 512 bits, and the length of the digestgeneratedbythefinaloutputis256bits. 1.Padding: Add a 1 to the end of the given message and fill with several 0 s, so that the length of the filled message is an integermultipleof512. 2.Grouping:The filled message is grouped into groups of 512 bits. Expires August 27, 2023 [Page 3] Internet-Draft sm for tsig February 2023 3.Iterative compression: Message extension is performed on each group, and the final hash value is obtained with the help of registers. 4. IANA Consideration As mentioned in TSIG[RFC8945], IANA is expected to create and maintain a registry of algorithm names to be used as "Algorithm Names" as defined in Section 2.3. Algorithm names are text strings encoded using the syntax of a domain name. There is no structure required other than names for different algorithms that must be unique when compared as DNS names, i.e., comparison is case insensitive. Assign the name "TSIG_SM3" to the "TSIG Cipher Suites" registry; refertothisdocument: Assign the value 0x0708 with the name "TSIG_sm3" to the "TLS SignatureScheme"registry: Value Description Recommended Reference 0x0708 TSIG_sm3 No RFC Table1 5. Security Considerations At the time of writing, there are no known weak keys to the SM family of encryption algorithms such as SM2, SM3, and SM4, and no security issues have been identified with these algorithms. Thus far,the security of the SM3 algorithm is relatively reliable. 6. References 6.1. Normative References [ISO-SM3] International Organization for Standardization, "IT Security techniques -- Hash-functions -- Part 3: Dedicated hash-functions", ISO/IEC 10118-3:2018, October 2018, . [RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321, DOI 10.17487/RFC1321, April 1992, . [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, DOI 10.17487/RFC2104, February 1997, . Expires August 27, 2023 [Page 4] Internet-Draft sm for tsig February 2023 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC8945] Dupont, F., Morris, S., Vixie, P., Eastlake 3rd, D., Gudmundsson, O., and B. Wellington, "Secret Key Transaction Authentication for DNS (TSIG)", STD 93, RFC 8945, DOI 10.17487/RFC8945, November 2020, . 6.2.Informative References [GBT.32905-2016] Standardization Administration of China, "Information security technology --- SM3 cryptographic hash algorithm", GB/T 32905-2016, March 2017, . 7. Acknowledgments Would like to thank X. Fan, J. Chen, Z. Li who provided special important suggestions and invaluable comments. This document was prepared using 2-Word-v2.0.template.dot. Authors' Addresses Peng Qu CAICT No.52 Huayuan North Road, Haidian District Beijing, Beijing, 100191 China Phone: +86 186 2913 9201 Email: qupeng@caict.ac.cn Expires August 27, 2023 [Page 5] Internet-Draft sm for tsig February 2023 Jian Chen CAICT No.52 Huayuan North Road, Haidian District Beijing, Beijing, 100191 China Phone: +86 138 1103 3332 Email: chenjian3@caict.ac.cn Xiaotian Fan CAICT No.52 Huayuan North Road, Haidian District Beijing, Beijing, 100191 China Phone: +86 134 0108 6945 Email: fanxiaotian@caict.ac.cn Zhiping Li CAICT No.52 Huayuan North Road, Haidian District Beijing, Beijing, 100191 China Phone: +86 185 1107 1386 Email: lizhiping@caict.ac.cn Jiagui Xie CAICT No.52 Huayuan North Road, Haidian District Beijing, Beijing, 100191 China Phone: +86 150 0138 5070 Email: xiejiagui@caict.ac.cn Expires August 27, 2023 [Page 6]