IKEv1 Cipher Suites » History » Version 6

« Previous - Version 6/31 (diff) - Next » - Current version
Andreas Steffen, 20.06.2009 08:52
Added Gcrypt support

IKEv1 Cipher Suites¶

Encryption Algorithms¶

Keyword	Description	IKE	ESP
null	Null encryption		k
aes128 or aes	128 bit AES-CBC	x o g	k
aes192	192 bit AES-CBC	x o g	k
aes256	256 bit AES-CBC	x o g	k
3des	168 bit 3DES-EDE-CBC	x o g	k
blowfish128 or blowfish	128 bit Blowfish-CBC	x o g	k
blowfish192	192 bit Blowfish-CBC	x o	k
blowfish256	256 bit Blowfish-CBC	x o	k
camellia128 or camellia	128 bit Camellia-CBC		k
camellia192	192 bit Camellia-CBC		k
camellia256	256 bit Camellia-CBC		k
serpent128 or serpent	128 bit Serpent-CBC	g	k
serpent192	192 bit Serpent-CBC	g	k
serpent256	256 bit Serpent-CBC	g	k
twofish128 or twofish	128 bit Twofish-CBC	g	k
twofish192	192 bit Twofish-CBC		k
twofish256	256 bit Twofish-CBC	g	k

x default built-in crypto library
o OpenSSL crypto library
g Gcrypt crypto library
k Linux 2.6 kernel

Integrity Algorithms¶

Keyword	Description	IKE	ESP
sha1 or sha	SHA1 HMAC	96 bit	96 bit
sha2_256 or sha256	SHA2_256 HMAC	128 bit	96 bit
sha2_384 or sha384	SHA2_384 HMAC	192 bit
sha2_512 or sha512	SHA2_512 HMAC	256 bit
md5	MD5 HMAC	96 bit	96 bit
aesxcbc	AES XCBC		96 bit

Diffie Hellman Groups¶

RSA Groups¶

Keyword	DH Group	Modulus	IKE
modp768	1	768 bits	m o g
modp1024	2	1024 bits	m o g
modp1536	5	1536 bits	m o g
modp2048	14	2048 bits	m o g
modp3072	15	3072 bits	m o g
modp4096	16	4096 bits	m o g
modp6144	17	6144 bits	m o g
modp8192	18	8192 bits	m o g

Elliptic Curve Groups¶

Keyword	DH Group	Modulus	IKE
ecp192	25	192 bits	o
ecp224	26	224 bits	o
ecp256	19	256 bits	o
ecp384	20	384 bits	o
ecp521	21	521 bits	o

m GMP multi-precision library
o OpenSSL crypto library
g Gcrypt crypto library

Files (0)