[strongSwan] difference between 'aes128' and 'aes128gcm8' notation in 'esp' cypher algo

Shahreen Ahmed sahmed at adax.co.uk
Thu Jul 17 15:23:04 CEST 2014

Hi all,

I am trying to use aes-gcm crypto algorithm in my setup where the cpu 
has 'aes' instruction enabled and the relevant drivers are loaded:

lsmod | grep -e aes -e gcm
gcm                    10857  0
aesni_intel            12915  4
cryptd                  8006  4 ghash_clmulni_intel,aesni_intel
aes_x86_64              7961  1 aesni_intel
aes_generic            27609  2 aesni_intel,aes_x86_64

I compiled Strongswan with --enable-gcm and added the 'gcm' plugin in 
the strongswan.conf file.

If I use 'aes128gcm8' as 'esp' in ipsec.conf I get poor performance (60% 
less throughput on UDP traffic) than using only 'aes128'.

My question is :

1) with only 'aes128' what integrity algo does it actually use?

2) To enable and use 'aes128gcm8' effectively (as expecting better 
throughput) do I need to take any extra steps than the above?

I tried with using PRF for GCM resulting no improvement.



Shahreen Noor Ahmed
Network Support Department
Adax Europe Ltd
url: www.adax.com
e-mail: sahmed at adax.co.uk
Direct line: +44(0)118 952 2804

More information about the Users mailing list