Advanced Cipher Suite Examples » History » Version 20
Andreas Steffen, 07.07.2021 04:05
| 1 | 2 | Andreas Steffen | h1. Advanced Cipher Suite Examples |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 17 | Andreas Steffen | |*Algorithm* | *IKEv1* | *IKEv2* | |
| 4 | 17 | Andreas Steffen | |ECP 256, 384, 512 (DH groups 19, 20, 21) |{{tc(openssl-ikev1/alg-ecp-high/,IKEv1)}} | {{tc(openssl-ikev2/alg-ecp-high/,IKEv2)}} | |
| 5 | 18 | Andreas Steffen | |MODP with subgroups (DH groups 22, 23, 24)|{{tc_dr(ikev1-algs/alg-modp-subgroup/,IKEv1)}} | {{tc(ikev2-algs/alg-modp-subgroup/,IKEv2)}} | |
| 6 | 17 | Andreas Steffen | |ECP 192, 224 (DH groups 25, 26) |{{tc(openssl-ikev1/alg-ecp-low/,IKEv1)}} | {{tc(openssl-ikev2/alg-ecp-low/,IKEv2)}} | |
| 7 | 17 | Andreas Steffen | |ECDSA 256, 384, 521 |{{tc(openssl-ikev1/ecdsa-certs/,IKEv1)}} | {{tc(openssl-ikev2/ecdsa-certs/,IKEv2)}} | |
| 8 | 18 | Andreas Steffen | |AES CTR |{{tc(ikev1-algs/esp-alg-aes-ctr/,ESP)}} | {{tc(ikev2-algs/alg-aes-ctr/,IKEv2+ESP)}} | |
| 9 | 18 | Andreas Steffen | |AES CCM |{{tc(ikev1-algs/esp-alg-aes-ccm/,ESP)}} | {{tc(ikev2-algs/alg-aes-ccm/,IKEv2+ESP)}} | |
| 10 | 18 | Andreas Steffen | |AES GCM |{{tc(ikev1-algs/esp-alg-aes-gcm/,ESP)}} | {{tc(ikev2-algs/alg-aes-gcm/,IKEv2+ESP)}} | |
| 11 | 18 | Andreas Steffen | |AES GMAC^ |{{tc(ikev1-algs/esp-alg-aes-gmac/,ESP)}} | {{tc(ikev2-algs/esp-alg-aes-gmac/,ESP)}} | |
| 12 | 18 | Andreas Steffen | |Blowfish CBC |{{tc(ikev1-algs/alg-blowfish/,IKEv1+ESP)}} | {{tc(ikev2-algs/alg-blowfish/,IKEv2+ESP)}} | |
| 13 | 17 | Andreas Steffen | |Camellia CBC |{{tc(openssl-ikev1/alg-camellia/,IKEv1+ESP)}} | {{tc(openssl-ikev2/alg-camellia/,IKEv2+ESP)}} | |
| 14 | 17 | Andreas Steffen | |Serpent CBC |{{tc(gcrypt-ikev1/alg-serpent/,IKEv1+ESP)}} | | |
| 15 | 17 | Andreas Steffen | |Twofish CBC |{{tc(gcrypt-ikev1/alg-twofish/,IKEv1+ESP)}} | | |
| 16 | 18 | Andreas Steffen | |NULL encryption |{{tc(ikev1-algs/esp-alg-null/,ESP)}} | {{tc(ikev2-algs/esp-alg-null/,ESP)}} | |
| 17 | 20 | Andreas Steffen | |AES XCBC |{{tc(ikev1-algs/esp-alg-aes-xcbc/,ESP)}} | {{tc(ikev2-algs/alg-aes-xcbc/,IKEv2+ESP)}} | |
| 18 | 18 | Andreas Steffen | |SHA256* |{{tc(ikev1-algs/alg-sha256/,IKEv1+ESP)}} | {{tc(ikev2-algs/alg-sha256/,IKEv2+ESP)}} | |
| 19 | 18 | Andreas Steffen | |SHA384* |{{tc(ikev1-algs/alg-sha384/,IKEv1+ESP)}} | {{tc(ikev2-algs/alg-sha384/,IKEv2+ESP)}} | |
| 20 | 18 | Andreas Steffen | |SHA512* |{{tc(ikev1-algs/alg-sha512/,IKEv1+ESP)}} | {{tc(ikev2-algs/alg-sha512/,IKEv2+ESP)}} | |
| 21 | 18 | Andreas Steffen | |ChaCha20 / Poly1305~ | | {{tc(ikev2-algs/alg-chacha20poly1305/,IKEv2+ESP)}} | |
| 22 | 1 | Andreas Steffen | |
| 23 | 16 | Tobias Brunner | ^requires the "AES-GMAC patch":http://download.strongswan.org/testing/aes_gmac.patch.bz2 that was integrated into the Linux 2.6.34 kernel. |
| 24 | 16 | Tobias Brunner | *requires the "SHA2 truncation patch":http://download.strongswan.org/testing/sha2.patch.bz2 that was integrated into the Linux 2.6.33 kernel. |
| 25 | 15 | Andreas Steffen | ~requires a Linux 4.2 kernel or newer. |