Ethereal

Re: [Ethereal-users] 0.99 ESP protocol preferences
Google
 
Web Ethereal.com

Home | Introduction | Documentation | Lists | FAQ | Development | Wiki | Bugs

Main Index | Thread Index | Mailing Lists | | Date Prev | Date Next | Thread Prev | Thread Next

Ethereal-users: June 2006

 


On Jun 12, 2006, at 2:09 PM, Chris Flory wrote:

Ok, I see a problem, it appears I am limited to what I can use as an
encryption/algorithm option.


At least according to the comments in packet-ipsec.c, your choices are:

NULL
TripleDES-CBC [RFC2451] : keylen 192 bits.
AES-CBC with 128-bit keys [RFC3602] : keylen 128 and 192/256 bits.
AES-CTR [RFC3686] : keylen 160/224/288 bits. The remaining 32 bits will be used as nonce.
DES-CBC [RFC2405] : keylen 64 bits
BLOWFISH-CBC : keylen 128 bits.
TWOFISH-CBC : keylen 128/256 bits.

(that's just cut-and-pasted from the comment).

I am using ESP/MD5/HMAC-128 for my authenticaton, 

For authentication, the comment says:

	NULL
	HMAC-SHA1-96 [RFC2404] : any keylen
	HMAC-MD5-96 [RFC2403] : any keylen
	HMAC-SHA256 : any keylen

and says that AES-XCBC-MAC-96 [RFC3566] is "Not available because no implementation found."

and 3DES-168 for encryption on IPSec.

The only 3DES I see in the first list is 3DES-CBC with a 192-bit key length; is 168 the key length you're using?

Powered by MHonArc 2.6.10

Please send support questions about Ethereal to the ethereal-users[AT]ethereal.com mailing list.
For corrections/additions/suggestions for this web page (and not Ethereal support questions), please send email to ethereal-web[AT]ethereal.com.
Last modified: Fri, November 10 2006.
"Ethereal" and the "e" logo are registered trademarks of Ethereal, Inc.