strongSwan

h1. IKEv1 Cipher Suites

h2. Encryption Algorithms

|Keyword                         |Description                      |IKE |ESP | 

|*null*                          |Null encryption                  |    |=.k |

|*aes128* or *aes*               |128 bit AES-CBC                  |x o g|=.k |

|*aes192*                        |192 bit AES-CBC                  |x o g|=.k |

|*aes256*                        |256 bit AES-CBC                  |x o g|=.k |

|*3des*                          |168 bit 3DES-EDE-CBC             |x o g|=.k |

|*blowfish128* or *blowfish*     |128 bit Blowfish-CBC             |x o g|=.k |

|*blowfish192*                   |192 bit Blowfish-CBC             |x o  |=.k |

|*blowfish256*                   |256 bit Blowfish-CBC             |x o  |=.k |

|*camellia128* or *camellia*     |128 bit Camellia-CBC             |     |=.k |

|*camellia192*                   |192 bit Camellia-CBC             |     |=.k |

|*camellia256*                   |256 bit Camellia-CBC             |     |=.k |

|*serpent128* or *serpent*       |128 bit Serpent-CBC              |>.g  |=.k |

|*serpent192*                    |192 bit Serpent-CBC              |>.g  |=.k |

|*serpent256*                    |256 bit Serpent-CBC              |>.g  |=.k |

|*twofish128* or *twofish*       |128 bit Twofish-CBC              |>.g  |=.k |

|*twofish192*                    |192 bit Twofish-CBC              |     |=.k |

|*twofish256*                    |256 bit Twofish-CBC              |>.g  |=.k |

*x* default built-in crypto library

*o* OpenSSL crypto library

*g* Gcrypt crypto library

*k* Linux 2.6 kernel

h2. Integrity Algorithms

|Keyword                |Description   |IKE     |ESP     |

|*sha1* or *sha*        |SHA1 HMAC     | 96 bit | 96 bit |

|*sha2_256* or *sha256* |SHA2_256 HMAC |128 bit | 96 bit |

|*sha2_384* or *sha384* |SHA2_384 HMAC |192 bit |        |

|*sha2_512* or *sha512* |SHA2_512 HMAC |256 bit |        |

|*md5*                  |MD5 HMAC      | 96 bit | 96 bit |

|*aesxcbc*              |AES XCBC      |        | 96 bit |

h2. Diffie Hellman Groups

h3. RSA Groups

|Keyword    |DH Group |Modulus     |IKE |

|*modp768*  |=.  1    |>.768 bits  |m o g|

|*modp1024* |=.  2    |>.1024 bits |m o g| 

|*modp1536* |=.  5    |>.1536 bits |m o g|

|*modp2048* |=. 14    |>.2048 bits |m o g|

|*modp3072* |=. 15    |>.3072 bits |m o g|

|*modp4096* |=. 16    |>.4096 bits |m o g|

|*modp6144* |=. 17    |>.6144 bits |m o g|

|*modp8192* |=. 18    |>.8192 bits |m o g|

h3. Elliptic Curve Groups

|Keyword    |DH Group |Modulus    |IKE |

|*ecp192*   |=. 25    |>.192 bits |=.o |

|*ecp224*   |=. 26    |>.224 bits |=.o |

|*ecp256*   |=. 19    |>.256 bits |=.o |

|*ecp384*   |=. 20    |>.384 bits |=.o |

|*ecp521*   |=. 21    |>.521 bits |=.o |

*m* GMP multi-precision library

*o* OpenSSL crypto library

*g* Gcrypt crypto library