[Openswan Users] Cipher suites, Hash algo and DH group support

Peter McGill petermcgill at goco.net
Tue May 19 16:11:38 EDT 2009 

What openswan supports can depend on kernel and openswan build options.
You can find out what your system specifically supports by looking at the output of:
ipsec auto --status
# These are what is supported by default, although more may be available on some specially compiled systems.
000 algorithm ESP encrypt: id=3, name=ESP_3DES, ivlen=64, keysizemin=192, keysizemax=192
# Supports Triple DES (3DES) for IPSec Phase 2 (ESP) Tunnel Encryption
000 algorithm ESP encrypt: id=12, name=ESP_AES, ivlen=128, keysizemin=128, keysizemax=256
# Supports AES 128 and AES 256 for IPSec Phase 2 (ESP) Tunnel Encryption
000 algorithm ESP auth attr: id=1, name=AUTH_ALGORITHM_HMAC_MD5, keysizemin=128, keysizemax=128
# Supports HMAC using MD5 for IPSec Phase 2 (ESP) Tunnel Authentication Hash
000 algorithm ESP auth attr: id=2, name=AUTH_ALGORITHM_HMAC_SHA1, keysizemin=160, keysizemax=160
# Supports HMAC using SHA1 for IPSec Phase 2 (ESP) Tunnel Authentication Hash
000 algorithm ESP auth attr: id=9, name=AUTH_ALGORITHM_AES_CBC, keysizemin=128, keysizemax=128

000 algorithm IKE encrypt: id=5, name=OAKLEY_3DES_CBC, blocksize=8, keydeflen=192
# Supports Triple DES (3DES) in CBC mode for IPSec Phase 1 (IKE) Key Exchange Encryption
000 algorithm IKE encrypt: id=7, name=OAKLEY_AES_CBC, blocksize=16, keydeflen=128
# Supports AES 128 in CBC mode for IPSec Phase 1 (IKE) Key Exchange Encryption
000 algorithm IKE hash: id=1, name=OAKLEY_MD5, hashsize=16
# Supports MD5 for IPSec Phase 1 (IKE) Key Exchange Hash
000 algorithm IKE hash: id=2, name=OAKLEY_SHA1, hashsize=20
# Supports SHA1 for IPSec Phase 1 (IKE) Key Exchange Hash
000 algorithm IKE dh group: id=2, name=OAKLEY_GROUP_MODP1024, bits=1024
# Supports Diffie Hellman (DH) Group 2 (1024 bit) for IPSec Phase 1 (IKE) Key Exchange
000 algorithm IKE dh group: id=5, name=OAKLEY_GROUP_MODP1536, bits=1536
# Supports Diffie Hellman (DH) Group 5 (1536 bit) for IPSec Phase 1 (IKE) Key Exchange
000 algorithm IKE dh group: id=14, name=OAKLEY_GROUP_MODP2048, bits=2048
# Supports Diffie Hellman (DH) Group 14 (2048 bit) for IPSec Phase 1 (IKE) Key Exchange
000 algorithm IKE dh group: id=15, name=OAKLEY_GROUP_MODP3072, bits=3072
# Supports Diffie Hellman (DH) Group 15 (3072 bit) for IPSec Phase 1 (IKE) Key Exchange
000 algorithm IKE dh group: id=16, name=OAKLEY_GROUP_MODP4096, bits=4096
# Supports Diffie Hellman (DH) Group 16 (4096 bit) for IPSec Phase 1 (IKE) Key Exchange
000 algorithm IKE dh group: id=17, name=OAKLEY_GROUP_MODP6144, bits=6144
# Supports Diffie Hellman (DH) Group 17 (6144 bit) for IPSec Phase 1 (IKE) Key Exchange
000 algorithm IKE dh group: id=18, name=OAKLEY_GROUP_MODP8192, bits=8192
# Supports Diffie Hellman (DH) Group 18 (8192 bit) for IPSec Phase 1 (IKE) Key Exchange

You select these in you ipsec.conf as follows: (Also explained in man ipsec.conf)
	# IPSec Phase 1 (IKE) Key Exchange
	# ike=cipher(-hash(-dhgroup)?)?(,cipher(-hash(-dhgroup)?)?)*
	# not specifying something is equivalent to saying any is ok
	# so no ike line allows any supported cipher hash and dhgroup.
	ike=aes # any AES hash and dhgroup
	ike=aes128-sha1 # AES128 with SHA1 and any dhgroup
	ike=3des-md5-modp1024,aes128-sha1-modp2048 # 3DES with MD5 and DH Group 2 or AES128 with SHA1 and DH Group 14
	# IPSec Phase 2 (ESP) Tunnel
	# Like ike but without dhgroup which it instead inherits from ike
	esp=aes,3des # any AES or 3DES hash and the dhgroup from Phase 1 (IKE)
	esp=aes128-sha1 # AES128 with SHA1 and the dhgroup from Phase 1 (IKE)

Since openswan will accept any supported option by default and weak options are not included by default, then it is safe and
recommended to never set these lines unless your connecting to someone else's setup or a non-openswan endpoint with very specific
allowed options.

Note: Very old versions may support (Single) DES and DH Group 1 (768 bit), these are no longer available in Openswan as they are
broken and/or weak and do not provide reliable protection, as such should not be used and have been removed.
DO NOT USE THEM!
Likewise with AH only or NULL encryption, do not use these, they do not protect your data. Stick with the defaults, unless you know
what your doing.

Peter McGill
IT Systems Analyst
Gra Ham Energy Limited 

> -----Original Message-----
> From: users-bounces at openswan.org 
> [mailto:users-bounces at openswan.org] On Behalf Of Erich Titl
> Sent: May 18, 2009 10:27 AM
> To: users at openswan.org
> Subject: [Openswan Users] Cipher suites, Hash algo and DH 
> group support
> 
> Hi everybody
> 
> Could anyone point me to a list of the supported cipher/hash 
> suites and 
> DH groups for OpenSwan 2.4, how to combine these into those infamous 
> strings to be passed to the ike and esp parameters.
> 
> Thanks
> 
> Erich
> 
> 
>

More information about the Users mailing list