[strongSwan] Selecting proper encryption pairings
Kostya Vasilyev
kman at fastmail.com
Mon Feb 18 20:18:12 CET 2019
Tom,
On Mon, Feb 18, 2019, at 9:31 PM, Tom Rymes wrote:
> Can anyone point me to some good information for which of the various
> options should be paired together? I've done a fair amount of digging,
> but it's always nice to have some confirmation that my interpretation is
> accurate.
>
> I am working with Strongswan and Windows Roadwarrior clients, and am
> thus limited to (I have omitted some of the weaker options):
>
> Encryption: AES128, AES192, AES256, GCMAES128, GCMAES192, GCMAES256
>
> Integrity: SHA2_256, SHA2_384
>
> Grouptype: MODP2048, ECP256, ECP384
>
>
> Which combinations of encryption and integrity options provide the best
> possible security without wasting computational effort for each of the
> grouptypes?
>
> Many thanks,
>
> Tom

Some useful links:

https://wiki.strongswan.org/projects/strongswan/wiki/SecurityRecommendations
https://wiki.strongswan.org/projects/strongswan/wiki/PublicKeySpeed
https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites

Personally I'm using aes128-sha256-ecp256 - and would use AES GCM but my client side (a home-class Mikrotik) doesn't have hardware acceleration for AES GCM, only for AES CBC.

You may find this older discussion useful too:

https://lists.strongswan.org/pipermail/users/2015-April/007809.html

-- K