[strongSwan] Question about "ike=aes256gcm16-aesxcbc-modp2048!" in ipsec.conf

Martin Willi martin at strongswan.org
Tue Jan 22 11:39:27 CET 2013


Hi,

> 	ike=aes256gcm16-aesxcbc-modp2048!
> 	esp=aes256gcm16-modp2048!

> [...] why we need "aesxcbc" for "ike" in conjunction with
> "aes256gcm16"?

In the "esp" keyword, you define an encryption and an integrity
algorithm, and optionally a DH group used when rekeying the CHILD_SA.

In the "ike" keyword, you additionally need a Pseudo Random Function
(PRF) to derive keys. This usually is the same as the integrity
algorithm, hence you don't need to specify it explicitly. With an AEAD
algorithm (such as GCM), there is no dedicated integrity algorithm, so a
dedicated PRF is required.

In this example, aesxcbc is used as PRF only, as you don't have a
dedicated cipher, but only an AEAD.

Starting from the upcoming 5.0.2 release, you can explicitly define the
PRF using the "prf" algorithm prefix (such as prfaesxcbc). The old
syntax using implicitly defined PRFs is still supported, though.

Regards
Martin
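
The keyword-to-role rules described in this mail, as an added Python sketch that is not part of the original post and is not strongSwan's own parser. The keyword subset, the classify() function and its problem message are assumptions made for illustration.

```python
import re

# Constructed subset of strongSwan proposal keywords, enough for the
# examples in the mail; the real keyword list is much longer.
AEAD = re.compile(r"^aes(128|192|256)(gcm|ccm)(8|12|16)$")
ENCR = re.compile(r"^(aes(128|192|256)|3des)$")
DH = re.compile(r"^(modp|ecp)\d+$")
HASHES = {"sha1", "sha256", "sha384", "sha512", "aesxcbc"}


def classify(proposal, kind="ike"):
    """Assign each keyword of one ike=/esp= proposal to a role (simplified)."""
    roles = {"encr": [], "aead": [], "integ": [], "prf": [], "dh": []}
    for tok in proposal.rstrip("!").split("-"):   # trailing "!" is dropped
        if tok.startswith("prf") and tok[3:] in HASHES:
            roles["prf"].append(tok[3:])          # explicit prefix (5.0.2+)
        elif AEAD.match(tok):
            roles["aead"].append(tok)
        elif ENCR.match(tok):
            roles["encr"].append(tok)
        elif tok in HASHES:
            roles["integ"].append(tok)
        elif DH.match(tok):
            roles["dh"].append(tok)
        else:
            raise ValueError(f"keyword not in this example's subset: {tok}")

    problems = []
    if kind == "ike":
        if roles["aead"] and not roles["encr"]:
            # AEAD only: a bare aesxcbc/sha* keyword serves as PRF only.
            roles["prf"] += roles["integ"]
            roles["integ"] = []
        elif not roles["prf"]:
            # Classic cipher: the PRF follows the integrity algorithm.
            roles["prf"] = list(roles["integ"])
        if not roles["prf"]:
            problems.append("ike proposal has no PRF to derive keys")
    return roles, problems


if __name__ == "__main__":
    for kind, prop in [("ike", "aes256gcm16-aesxcbc-modp2048!"),
                       ("ike", "aes256gcm16-prfaesxcbc-modp2048!"),
                       ("ike", "aes256gcm16-modp2048!"),
                       ("esp", "aes256gcm16-modp2048!")]:
        print(kind, prop, classify(prop, kind))
```

The old and the new syntax classify to the same roles, and the AEAD-only "ike" proposal without any PRF keyword is the one that gets flagged.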




