History

IKEv1 Cipher Suites » History » Version 8

« Previous - Version 8/31 (diff) - Next » - Current version
Andreas Steffen, 23.04.2010 15:33
added DH groups 22, 23, 24

IKEv1 Cipher Suites¶

Encryption Algorithms¶

Keyword	Description	IKE	ESP
null	Null encryption		k
aes128 or aes	128 bit AES-CBC	x o g	k
aes192	192 bit AES-CBC	x o g	k
aes256	256 bit AES-CBC	x o g	k
aes128ctr	128 bit AES-COUNTER		k
aes192ctr	192 bit AES-COUNTER		k
aes256ctr	256 bit AES-COUNTER		k
aes128ccm8 or aes128ccm64	128 bit AES-CCM with 64 bit ICV		k
aes128ccm12 or aes128ccm96	128 bit AES-CCM with 96 bit ICV		k
aes128ccm16 or aes128ccm128	128 bit AES-CCM with 128 bit ICV		k
aes192ccm8 or aes192ccm64	192 bit AES-CCM with 64 bit ICV		k
aes192ccm12 or aes192ccm96	192 bit AES-CCM with 96 bit ICV		k
aes192ccm16 or aes192ccm128	192 bit AES-CCM with 128 bit ICV		k
aes256ccm8 or aes256ccm64	256 bit AES-CCM with 64 bit ICV		k
aes256ccm12 or aes256ccm96	256 bit AES-CCM with 96 bit ICV		k
aes256ccm16 or aes256ccm128	256 bit AES-CCM with 128 bit ICV		k
aes128gcm8 or aes128gcm64	128 bit AES-GCM with 64 bit ICV		k
aes128gcm12 or aes128gcm96	128 bit AES-GCM with 96 bit ICV		k
aes128gcm16 or aes128gcm128	128 bit AES-GCM with 128 bit ICV		k
aes192gcm8 or aes192gcm64	192 bit AES-GCM with 64 bit ICV		k
aes192gcm12 or aes192gcm96	192 bit AES-GCM with 96 bit ICV		k
aes192gcm16 or aes192gcm128	192 bit AES-GCM with 128 bit ICV		k
aes256gcm8 or aes256gcm64	256 bit AES-GCM with 64 bit ICV		k
aes256gcm12 or aes256gcm96	256 bit AES-GCM with 96 bit ICV		k
aes256gcm16 or aes256gcm128	256 bit AES-GCM with 128 bit ICV		k
3des	168 bit 3DES-EDE-CBC	x o g	k
blowfish128 or blowfish	128 bit Blowfish-CBC	x o g	k
blowfish192	192 bit Blowfish-CBC	x o	k
blowfish256	256 bit Blowfish-CBC	x o	k
camellia128 or camellia	128 bit Camellia-CBC		k
camellia192	192 bit Camellia-CBC		k
camellia256	256 bit Camellia-CBC		k
serpent128 or serpent	128 bit Serpent-CBC	g	k
serpent192	192 bit Serpent-CBC	g	k
serpent256	256 bit Serpent-CBC	g	k
twofish128 or twofish	128 bit Twofish-CBC	g	k
twofish192	192 bit Twofish-CBC		k
twofish256	256 bit Twofish-CBC	g	k

x default built-in crypto library
o OpenSSL crypto library
g Gcrypt crypto library
k Linux 2.6 kernel

Integrity Algorithms¶

Keyword	Description	IKE	ESP
sha1 or sha	SHA1 HMAC	96 bit	96 bit
sha2_256 or sha256	SHA2_256 HMAC	128 bit	96 bit
sha2_384 or sha384	SHA2_384 HMAC	192 bit
sha2_512 or sha512	SHA2_512 HMAC	256 bit
md5	MD5 HMAC	96 bit	96 bit
aesxcbc	AES XCBC		96 bit

Diffie Hellman Groups¶

Modulo Prime Groups¶

Keyword	DH Group	Modulus	IKE
modp768	1	768 bits	m o g
modp1024	2	1024 bits	m o g
modp1536	5	1536 bits	m o g
modp2048	14	2048 bits	m o g
modp3072	15	3072 bits	m o g
modp4096	16	4096 bits	m o g
modp6144	17	6144 bits	m o g
modp8192	18	8192 bits	m o g

Modulo Prime Groups with Prime Order Subgroup¶

Keyword	DH Group	Modulus	Subgroup	IKE
modp1024s160	22	1024 bits	160 bits	m o g
modp2048s224	23	2048 bits	224 bits	m o g
modp2048s256	24	2048 bits	256 bits	m o g

Elliptic Curve Groups¶

Keyword	DH Group	Modulus	IKE
ecp192	25	192 bits	o
ecp224	26	224 bits	o
ecp256	19	256 bits	o
ecp384	20	384 bits	o
ecp521	21	521 bits	o

m GMP multi-precision library
o OpenSSL crypto library
g Gcrypt crypto library

Files (0)

Project

General

Profile

strongSwan

Documentation¶

Resources¶

Wiki