[strongSwan-dev] NIST 800-131a

Martin Willi martin at strongswan.org
Tue Nov 6 09:06:12 CET 2012

Hi Dale,

> The NIST 800-131a mentions that in 2007, a new set of RNGs were
> approved in SP 800-90. Does the default strongSwan crypto routines
> uses these approved RNGs?

I don't know that document in detail, but it seems that it considers
HMAC with an appropriate hash algorithm acceptable. HMAC is supported
with different hash algorithms in strongSwan.


More information about the Dev mailing list