[strongSwan] Selecting proper encryption pairings
Tom Rymes
trymes at rymes.com
Mon Feb 18 19:31:59 CET 2019
Can anyone point me to some good information for which of the various
options should be paired together? I've done a fair amount of digging,
but it's always nice to have some confirmation that my interpretation is
accurate.
I am working with Strongswan and Windows Roadwarrior clients, and am
thus limited to (I have omitted some of the weaker options):
Encryption: AES128, AES192, AES256, GCMAES128, GCMAES192, GCMAES256
Integrity: SHA2_256, SHA2_384
Grouptype: MODP2048, ECP256, ECP384
Which combinations of encryption and integrity options provides the best
possible security without wasting computational effort for each of the
grouptypes?
Many thanks,
Tom
More information about the Users
mailing list