[strongSwan] Question about "ike=aes256gcm16-aesxcbc-modp2048!" in ipsec.conf
Motonori Shindo
motonori at shin.do
Tue Jan 22 15:12:46 CET 2013
Martin,
Thank you for your prompt answer. Now I understand what they really mean.
Regards,
On 2013/01/22, at 19:39, Martin Willi <martin at strongswan.org> wrote:
> Hi,
>
>> ike=aes256gcm16-aesxcbc-modp2048!
>> esp=aes256gcm16-modp2048!
>
>> [...] why we need "aesxcbc" for "ike" in conjunction with
>> "aes256gcm16"?
>
> In the "esp" keyword, you define an encryption and an integrity
> algorithm, and optionally a DH group used when rekeying the CHILD_SA.
>
> In the "ike" keyword, you additionally need a Pseudo Random Function
> (PRF) to derive keys. This usually is the same as the integrity
> algorithm, hence you don't need to specify it explicitly. With an AEAD
> algorithm (such as GCM), there is no dedicated integrity algorithm, so a
> dedicated PRF is required.
>
> In this example, aesxcbc is used as PRF only, as you don't have a
> dedicated cipher, but only an AEAD.
>
> Starting from the upcoming 5.0.2 release, you can explicitly define the
> PRF using the "prf" algorithm prefix (such as prfaesxcbc). The old
> syntax using implicitly defined PRFs is still supported, though.
>
> Regards
> Martin
>
---
Motonori Shindo
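
An added example, not part of the original thread and not strongSwan code: a small Python check that assigns each token of an `ike` or `esp` proposal string to its role as described in the reply above, and flags an IKE proposal that has an AEAD cipher but no PRF. The keyword patterns are a constructed subset of the real keyword list, and `classify` and `analyze` are hypothetical helper names.

```python
import re

# Constructed subset of strongSwan proposal keywords, enough for this thread.
PATTERNS = [
    ("aead",  re.compile(r"^aes(128|192|256)(gcm|ccm)(8|12|16)$")),
    ("encr",  re.compile(r"^(aes(128|192|256)|3des)$")),
    ("prf",   re.compile(r"^prf(sha1|sha256|sha384|sha512|aesxcbc)$")),
    ("integ", re.compile(r"^(sha1|sha256|sha384|sha512|aesxcbc)$")),
    ("dh",    re.compile(r"^(modp|ecp)\d+$")),
]

def classify(token):
    """Return the role of one proposal token, or 'unknown'."""
    for kind, rx in PATTERNS:
        if rx.match(token):
            return kind
    return "unknown"

def analyze(keyword, value):
    """Resolve algorithm roles in an 'ike' or 'esp' proposal string."""
    strict = value.endswith("!")          # trailing '!' = strict proposal
    roles = {k: [] for k in ("aead", "encr", "integ", "prf", "dh", "unknown")}
    for token in value.rstrip("!").split("-"):
        roles[classify(token)].append(token)
    issues = [f"unrecognised token: {t}" for t in roles["unknown"]]
    prf_source = None                     # stays None for esp: no PRF there
    if keyword == "ike":
        if roles["prf"]:
            prf_source = "explicit"       # "prf" prefix syntax (5.0.2 onward)
        elif roles["aead"] and roles["integ"]:
            # Old syntax: next to an AEAD, the token acts as PRF only.
            roles["prf"] = ["prf" + t for t in roles["integ"]]
            roles["integ"] = []
            prf_source = "implicit-aead"
        elif roles["integ"]:
            # Classic cipher: the PRF follows the integrity algorithm.
            roles["prf"] = ["prf" + t for t in roles["integ"]]
            prf_source = "same-as-integrity"
        else:
            issues.append("ike proposal has no PRF")
    return {"strict": strict, "roles": roles,
            "prf_source": prf_source, "issues": issues}

if __name__ == "__main__":
    for kw, val in [("ike", "aes256gcm16-aesxcbc-modp2048!"),
                    ("esp", "aes256gcm16-modp2048!")]:
        print(kw, analyze(kw, val))
```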