IKEv1 Cipher Suites » History » Version 15
Andreas Steffen, 12.02.2014 13:30
Added NTRU support for IKEv1
| 1 | 1 | Andreas Steffen | h1. IKEv1 Cipher Suites |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 10 | Tobias Brunner | The keywords listed below can be used with the _ike_ and _esp_ directives in [[IpsecConf|ipsec.conf]] to define cipher suites. |
| 4 | 10 | Tobias Brunner | |
| 5 | 1 | Andreas Steffen | h2. Encryption Algorithms |
| 6 | 1 | Andreas Steffen | |
| 7 | 14 | Gabriel Werner | |Keyword |Description |IKE |ESP | |
| 8 | 11 | Andreas Steffen | |*null* |Null encryption | |=.k | |
| 9 | 11 | Andreas Steffen | |*aes128* or *aes* |128 bit AES-CBC |x o g a|=.k | |
| 10 | 11 | Andreas Steffen | |*aes192* |192 bit AES-CBC |x o g a|=.k | |
| 11 | 11 | Andreas Steffen | |*aes256* |256 bit AES-CBC |x o g a|=.k | |
| 12 | 11 | Andreas Steffen | |*aes128ctr* |128 bit AES-COUNTER | |=.k | |
| 13 | 11 | Andreas Steffen | |*aes192ctr* |192 bit AES-COUNTER | |=.k | |
| 14 | 11 | Andreas Steffen | |*aes256ctr* |256 bit AES-COUNTER | |=.k | |
| 15 | 11 | Andreas Steffen | |*aes128ccm8* or *aes128ccm64* |128 bit AES-CCM with 64 bit ICV | |=.k | |
| 16 | 11 | Andreas Steffen | |*aes128ccm12* or *aes128ccm96* |128 bit AES-CCM with 96 bit ICV | |=.k | |
| 17 | 11 | Andreas Steffen | |*aes128ccm16* or *aes128ccm128* |128 bit AES-CCM with 128 bit ICV | |=.k | |
| 18 | 11 | Andreas Steffen | |*aes192ccm8* or *aes192ccm64* |192 bit AES-CCM with 64 bit ICV | |=.k | |
| 19 | 11 | Andreas Steffen | |*aes192ccm12* or *aes192ccm96* |192 bit AES-CCM with 96 bit ICV | |=.k | |
| 20 | 11 | Andreas Steffen | |*aes192ccm16* or *aes192ccm128* |192 bit AES-CCM with 128 bit ICV | |=.k | |
| 21 | 11 | Andreas Steffen | |*aes256ccm8* or *aes256ccm64* |256 bit AES-CCM with 64 bit ICV | |=.k | |
| 22 | 11 | Andreas Steffen | |*aes256ccm12* or *aes256ccm96* |256 bit AES-CCM with 96 bit ICV | |=.k | |
| 23 | 11 | Andreas Steffen | |*aes256ccm16* or *aes256ccm128* |256 bit AES-CCM with 128 bit ICV | |=.k | |
| 24 | 11 | Andreas Steffen | |*aes128gcm8* or *aes128gcm64* |128 bit AES-GCM with 64 bit ICV | |=.k | |
| 25 | 11 | Andreas Steffen | |*aes128gcm12* or *aes128gcm96* |128 bit AES-GCM with 96 bit ICV | |=.k | |
| 26 | 11 | Andreas Steffen | |*aes128gcm16* or *aes128gcm128* |128 bit AES-GCM with 128 bit ICV | |=.k | |
| 27 | 11 | Andreas Steffen | |*aes192gcm8* or *aes192gcm64* |192 bit AES-GCM with 64 bit ICV | |=.k | |
| 28 | 11 | Andreas Steffen | |*aes192gcm12* or *aes192gcm96* |192 bit AES-GCM with 96 bit ICV | |=.k | |
| 29 | 11 | Andreas Steffen | |*aes192gcm16* or *aes192gcm128* |192 bit AES-GCM with 128 bit ICV | |=.k | |
| 30 | 11 | Andreas Steffen | |*aes256gcm8* or *aes256gcm64* |256 bit AES-GCM with 64 bit ICV | |=.k | |
| 31 | 11 | Andreas Steffen | |*aes256gcm12* or *aes256gcm96* |256 bit AES-GCM with 96 bit ICV | |=.k | |
| 32 | 11 | Andreas Steffen | |*aes256gcm16* or *aes256gcm128* |256 bit AES-GCM with 128 bit ICV | |=.k | |
| 33 | 11 | Andreas Steffen | |*aes128gmac* |Null encryption with 128 bit AES-GMAC | |=.k | |
| 34 | 11 | Andreas Steffen | |*aes192gmac* |Null encryption with 192 bit AES-GMAC | |=.k | |
| 35 | 11 | Andreas Steffen | |*aes256gmac* |Null encryption with 256 bit AES-GMAC | |=.k | |
| 36 | 11 | Andreas Steffen | |*3des* |168 bit 3DES-EDE-CBC |x o g a|=.k | |
| 37 | 11 | Andreas Steffen | |*blowfish128* or *blowfish* |128 bit Blowfish-CBC |x o g a|=.k | |
| 38 | 11 | Andreas Steffen | |*blowfish192* |192 bit Blowfish-CBC |x o a |=.k | |
| 39 | 11 | Andreas Steffen | |*blowfish256* |256 bit Blowfish-CBC |x o a |=.k | |
| 40 | 11 | Andreas Steffen | |*camellia128* or *camellia* |128 bit Camellia-CBC | |=.k | |
| 41 | 11 | Andreas Steffen | |*camellia192* |192 bit Camellia-CBC | |=.k | |
| 42 | 11 | Andreas Steffen | |*camellia256* |256 bit Camellia-CBC | |=.k | |
| 43 | 11 | Andreas Steffen | |*serpent128* or *serpent* |128 bit Serpent-CBC |>.g a |=.k | |
| 44 | 11 | Andreas Steffen | |*serpent192* |192 bit Serpent-CBC |>.g a |=.k | |
| 45 | 11 | Andreas Steffen | |*serpent256* |256 bit Serpent-CBC |>.g a |=.k | |
| 46 | 11 | Andreas Steffen | |*twofish128* or *twofish* |128 bit Twofish-CBC |>.g a |=.k | |
| 47 | 11 | Andreas Steffen | |*twofish192* |192 bit Twofish-CBC |>. a |=.k | |
| 48 | 11 | Andreas Steffen | |*twofish256* |256 bit Twofish-CBC |>.g a |=.k | |
| 49 | 9 | Andreas Steffen | |
| 50 | 1 | Andreas Steffen | *x* default built-in crypto library |
| 51 | 1 | Andreas Steffen | *o* OpenSSL crypto library |
| 52 | 1 | Andreas Steffen | *g* Gcrypt crypto library |
| 53 | 11 | Andreas Steffen | *a* AF_ALG userland crypto API for Linux 2.6.38 kernel or newer |
| 54 | 6 | Andreas Steffen | *k* Linux 2.6 kernel |
| 55 | 1 | Andreas Steffen | |
| 56 | 1 | Andreas Steffen | |
| 57 | 1 | Andreas Steffen | h2. Integrity Algorithms |
| 58 | 1 | Andreas Steffen | |
| 59 | 12 | Tobias Brunner | |Keyword |Description |=.IKE |=.ESP |=.Info| |
| 60 | 12 | Tobias Brunner | |*md5* |MD5 HMAC |>. 96 bit |>. 96 bit | | |
| 61 | 12 | Tobias Brunner | |*sha1* or *sha* |SHA1 HMAC |>. 96 bit |>. 96 bit | | |
| 62 | 12 | Tobias Brunner | |*aesxcbc* |AES XCBC |>. n/a |>. 96 bit | | |
| 63 | 12 | Tobias Brunner | |*sha2_256* or *sha256* |SHA2_256_128 HMAC |>.128 bit |>.128 bit |=.*t* | |
| 64 | 12 | Tobias Brunner | |*sha2_384* or *sha384* |SHA2_384_192 HMAC |>.192 bit |>.192 bit | | |
| 65 | 12 | Tobias Brunner | |*sha2_512* or *sha512* |SHA2_512_256 HMAC |>.256 bit |>.256 bit | | |
| 66 | 12 | Tobias Brunner | |*sha2_256_96* or *sha256_96* |SHA2_256_96 HMAC |>. n/a |>. 96 bit |=.*p* *t* | |
| 67 | 12 | Tobias Brunner | |
| 68 | 12 | Tobias Brunner | *p* strongSwan uses the value 252 from the IANA private use range |
| 69 | 12 | Tobias Brunner | *t* before version 2.6.33 the Linux kernel incorrectly used 96 bit truncation for SHA-256 |
| 70 | 12 | Tobias Brunner | |
| 71 | 2 | Andreas Steffen | |
| 72 | 1 | Andreas Steffen | h2. Diffie Hellman Groups |
| 73 | 1 | Andreas Steffen | |
| 74 | 8 | Andreas Steffen | h3. Modulo Prime Groups |
| 75 | 1 | Andreas Steffen | |
| 76 | 8 | Andreas Steffen | |Keyword |DH Group |Modulus |IKE | |
| 77 | 6 | Andreas Steffen | |*modp768* |=. 1 |>.768 bits |m o g| |
| 78 | 14 | Gabriel Werner | |*modp1024* |=. 2 |>.1024 bits |m o g| |
| 79 | 6 | Andreas Steffen | |*modp1536* |=. 5 |>.1536 bits |m o g| |
| 80 | 6 | Andreas Steffen | |*modp2048* |=. 14 |>.2048 bits |m o g| |
| 81 | 6 | Andreas Steffen | |*modp3072* |=. 15 |>.3072 bits |m o g| |
| 82 | 6 | Andreas Steffen | |*modp4096* |=. 16 |>.4096 bits |m o g| |
| 83 | 1 | Andreas Steffen | |*modp6144* |=. 17 |>.6144 bits |m o g| |
| 84 | 1 | Andreas Steffen | |*modp8192* |=. 18 |>.8192 bits |m o g| |
| 85 | 8 | Andreas Steffen | |
| 86 | 8 | Andreas Steffen | h3. Modulo Prime Groups with Prime Order Subgroup |
| 87 | 8 | Andreas Steffen | |
| 88 | 8 | Andreas Steffen | |Keyword |DH Group |Modulus |Subgroup |IKE | |
| 89 | 8 | Andreas Steffen | |*modp1024s160* |=. 22 |>.1024 bits |>.160 bits |m o g| |
| 90 | 8 | Andreas Steffen | |*modp2048s224* |=. 23 |>.2048 bits |>.224 bits |m o g| |
| 91 | 8 | Andreas Steffen | |*modp2048s256* |=. 24 |>.2048 bits |>.256 bits |m o g| |
| 92 | 5 | Andreas Steffen | |
| 93 | 13 | Andreas Steffen | h3. NIST Elliptic Curve Groups |
| 94 | 5 | Andreas Steffen | |
| 95 | 5 | Andreas Steffen | |Keyword |DH Group |Modulus |IKE | |
| 96 | 6 | Andreas Steffen | |*ecp192* |=. 25 |>.192 bits |=.o | |
| 97 | 6 | Andreas Steffen | |*ecp224* |=. 26 |>.224 bits |=.o | |
| 98 | 6 | Andreas Steffen | |*ecp256* |=. 19 |>.256 bits |=.o | |
| 99 | 6 | Andreas Steffen | |*ecp384* |=. 20 |>.384 bits |=.o | |
| 100 | 1 | Andreas Steffen | |*ecp521* |=. 21 |>.521 bits |=.o | |
| 101 | 13 | Andreas Steffen | |
| 102 | 13 | Andreas Steffen | h3. Brainpool Elliptic Curve Groups |
| 103 | 13 | Andreas Steffen | |
| 104 | 13 | Andreas Steffen | |Keyword |DH Group |Modulus |IKE | |
| 105 | 13 | Andreas Steffen | |*ecp224bp* |=. 27 |>.224 bits |=.o | |
| 106 | 13 | Andreas Steffen | |*ecp256bp* |=. 28 |>.256 bits |=.o | |
| 107 | 13 | Andreas Steffen | |*ecp384bp* |=. 29 |>.384 bits |=.o | |
| 108 | 13 | Andreas Steffen | |*ecp512bp* |=. 30 |>.512 bits |=.o | |
| 109 | 13 | Andreas Steffen | |
| 110 | 5 | Andreas Steffen | |
| 111 | 6 | Andreas Steffen | *m* GMP multi-precision library |
| 112 | 3 | Andreas Steffen | *o* OpenSSL crypto library |
| 113 | 6 | Andreas Steffen | *g* Gcrypt crypto library |
| 114 | 15 | Andreas Steffen | |
| 115 | 15 | Andreas Steffen | h3. Post-Quantum Key Exchange using NTRU Encryption |
| 116 | 15 | Andreas Steffen | |
| 117 | 15 | Andreas Steffen | |Keyword |DH Group |Strength |IKE | |
| 118 | 15 | Andreas Steffen | |*ntru112* |=. 1030 |>.112 bits |=.n | |
| 119 | 15 | Andreas Steffen | |*ntru128* |=. 1031 |>.128 bits |=.n | |
| 120 | 15 | Andreas Steffen | |*ntru192* |=. 1032 |>.192 bits |=.n | |
| 121 | 15 | Andreas Steffen | |*ntru256* |=. 1033 |>.256 bits |=.n | |
| 122 | 15 | Andreas Steffen | |
| 123 | 15 | Andreas Steffen | *n* ntru plugin (includes "ntru-crypto":https://github.com/NTRUOpenSourceProject/ntru-crypto library) |
| 124 | 15 | Andreas Steffen | |
| 125 | 15 | Andreas Steffen | Since the Diffie-Hellman Group Transform IDs 1030..1033 selected by the strongSwan project to designate the four NTRU key exchange strengths were taken from the private-use range, the strongSwan vendor ID *must* be sent by the charon daemon. This can be enabled by the following statement in /etc/strongswan.conf: |
| 126 | 15 | Andreas Steffen | <pre> |
| 127 | 15 | Andreas Steffen | charon { |
| 128 | 15 | Andreas Steffen | send_vendor_id = yes |
| 129 | 15 | Andreas Steffen | } |
| 130 | 15 | Andreas Steffen | </pre> |