INSIDE Secure

MAC Algorithms

The following MAC algorithms are supported:

  • AES-XCBC

    For more information, see the IETF documents RFC 3566 ("The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec") and RFC 4434 ("The AES-XCBC-PRF-128 Algorithm for the Internet Key Exchange Protocol (IKE)"), available at www.ietf.org.

  • GMAC-AES

    For details on the GMAC-AES algorithm, see section Cipher Algorithms above.

  • MD5

    The MD5 (Message-Digest 5) algorithm is a popular 128-bit hash function defined in the RFC 1321 ("The MD5 Message-Digest Algorithm") document available at www.ietf.org.

    FIPS: Please note that MD5 is not a FIPS-approved algorithm and should not be used when FIPS compliance is required.

  • SHA-1

    SHA-1 (Secure Hash Algorithm 1) is a 160-bit hash function developed by the US government standards organization NIST (National Institute of Standards and Technology).

  • SHA-2

    SHA-2 (Secure Hash Algorithm 2) is a NIST-suggested replacement for the older SHA-1 algorithm that has been shown to have some weaknesses. SHA-2 is applicable to Authentication Header (AH) and Encapsulating Security Payload (ESP), as well as IKEv1 and IKEv2. Supported ICV (Integrity Check Value) sizes are 128, 192, 224, 256, 384 and 512 bits.

    In IKE, SHA-2-based HMACs can be used as a PRF (Pseudo-Random Function) that returns a result of 256, 384 or 512 bits. SHA-2-based HMACs can also be used in ESP and AH transforms and as the integrity algorithm in IKE. SHA-2-based HMACs return a digest that is half the key size of the algorithm. Therefore, using SHA-2 algorithms adds a little more overhead (128, 192 or 256 bits vs. 96 bits) to packets when compared to SHA-1. The memory usage of transforms also increases a little.

    For more details on the SHA-2 algorithm, refer to the draft-kelly-ipsec-ciph-sha2-01.txt document ("Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 With IPsec") available at www.ietf.org.
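
The truncated ICVs described above, as an added example that is not part of the original document or of the product's code: it computes and verifies the 96-, 128-, 192- and 256-bit HMAC ICVs with Python's standard library and reports the extra per-packet bits relative to SHA-1. The transform labels, the key and the payload are constructed for illustration.

```python
import hmac

# Transform label -> (hash name, ICV length in bytes). Labels are descriptive
# names used only in this example; ICV sizes are the ones given in the text
# (96 bits for SHA-1; 128, 192 or 256 bits for SHA-2).
TRANSFORMS = {
    "HMAC-SHA-1-96": ("sha1", 12),
    "HMAC-SHA-256-128": ("sha256", 16),
    "HMAC-SHA-384-192": ("sha384", 24),
    "HMAC-SHA-512-256": ("sha512", 32),
}


def compute_icv(transform: str, key: bytes, data: bytes) -> bytes:
    """Return the truncated HMAC that is carried in the packet as the ICV."""
    hash_name, icv_len = TRANSFORMS[transform]
    return hmac.new(key, data, hash_name).digest()[:icv_len]


def verify_icv(transform: str, key: bytes, data: bytes, received: bytes) -> bool:
    """Check a received ICV: exact length first, then constant-time compare."""
    _, icv_len = TRANSFORMS[transform]
    if len(received) != icv_len:
        return False  # never accept a shorter (weaker) or longer tag
    return hmac.compare_digest(compute_icv(transform, key, data), received)


def extra_bits_vs_sha1(transform: str) -> int:
    """Per-packet ICV overhead relative to the 96-bit SHA-1 ICV, in bits."""
    return (TRANSFORMS[transform][1] - TRANSFORMS["HMAC-SHA-1-96"][1]) * 8


if __name__ == "__main__":
    key = bytes(range(32))                     # constructed sample key
    packet = b"constructed ESP payload bytes"  # constructed sample data
    for name in TRANSFORMS:
        icv = compute_icv(name, key, packet)
        print(name, len(icv) * 8, "bit ICV,",
              extra_bits_vs_sha1(name), "extra bits,",
              "verifies:", verify_icv(name, key, packet, icv))
```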



Copyright © 2013 INSIDE Secure Oy
All rights reserved.