[strongSwan] aes256-gcm16
Tobias Guggemos
tobias.guggemos at stud.ifi.lmu.de
Fri Dec 6 15:20:00 CET 2013
Hello,
we are performing some measurements and we are wondering about
aes256-gcm16 and aes256-ccm16.
In the ipsec.conf we specify
esp=aes256gcm16-sha1!
How does stronswan handle this line? Does it removes the -sha1 part or
does it performs a double authentication: the one from gcm and the one
from sha1?
Is the ICV provided by GCM located in the ICV part of the ESP packet or is
it concireded as part of the encrypted payload.
BR
Tobias
More information about the Users
mailing list