HP-UX IPSec Transforms

Comparative Key Lengths

Below is a table showing the key lengths of AH and ESP algorithms. In general, the longer the key length, the more secure the encryption algorithm will be. AES encryption provides the most secure encryption, but should be used with some form of authentication, such as the ESP-AES128-HMAC-SHA1 transform.




	NOTE: DES has been cracked (data encoded using DES has been decoded by a third party).

Table A-2 AH and ESP Algorithms and Key Lengths

Algorithm	Key Length
ESP-DES	56
ESP-3DES	168 (3 x 56)
ESP-AES	128
AH-MD5	128
AH-SHA1	160

3DES (Triple-DES) uses three independent 56-bit keys. The data is encrypted in three stages: it is encrypted using key1, decrypted using key2, and encrypted again using key3.

AES with HP-UX IPSec supports 128-bit keys. AES encryption is stronger than that of 3DES. In addition, processing speed is faster with AES, comparable to or better than that of DES encryption.

HMAC-SHA1 generates a 160-bit message digest and uses a 160-bit shared secret key to encrypt the digest.

HMAC-MD5 generates a 128-bit message digest and uses a 128-bit shared secret key to encrypt the digest.

Authentication Algorithms

These algorithms are used to provide the authentication value used in an IPSec Authentication Header (AH).

AH-MD5

Hashed Message Authentication Code (HMAC) using RSAs Message Digest-5. (128 bit message digest encrypted with a 128 bit key.)

AH-SHA1

HMAC using the Secure Hash Algorithm-l. (160 bit digest encrypted with 160 bit key.)

Encryption Algorithms

These algorithms are used to encrypt the IP payload for an IPSec Encapsulating Security Payload (ESP). The ESP provides confidentiality (encryption).

In addition, there are authenticated ESP algorithms, which include an encryption algorithm and an authentication algorithm. The authentication algorithm is used to compute an Integrity Check Value (ICV) to authenticate the ESP header and IP data. The ICV does not authenticate the original IP header unless tunnelling is used.

ESP-DES

ESP using Data Encryption Standard Cipher Block Chaining (CBC) Mode encryption, with a 56 bit key.

Linux FreeSwan

Linux FreeSwan does not support DES encryption. If you are configuring an HP-UX IPSec system to interoperate with a Linux FreeSwan system, you can use 3DES encryption or AES encryption with the appropriate FreeSwan crypto algorithm patch.

ESP-DES-HMAC-MD5

Authenticated ESP using DES-CBC encryption and HMAC-MD5 to generate an Integrity Check Value (ICV) for authentication.

ESP-DES-HMAC-SHA1

Authenticated ESP using DES-CBC encryption and HMAC-SHA1 to generate with an ICV.

ESP-3DES

ESP using triple DES-CBC encryption (three encryption iterations, each with a different 56-bit key).

ESP-3DES-HMAC-MD5

Authenticated ESP using 3DES-CBC encryption and HMAC-MD5 to generate an ICV.

ESP-3DES-HMAC-SHA1

Authenticated ESP using 3DES-CBC encryption and HMAC-SHA1 to generate an ICV.

ESP-AES128

Authenticated ESP using AES128 encryption.

ESP-AES128-HMAC-MD5

Authenticated ESP using AES128 encryption and HMAC-MD5 to generate an ICV.

ESP-AES128-HMAC-SHA1

Authenticated ESP using AES128 encryption and HMAC-SHA1 to generate an ICV.

ESP-NULL-HMAC-MD5

ESP header and trailer, but nothing is encrypted. An ICV is generated using HMAC-MD5.

ESP-NULL-HMAC-SHA1

ESP header and trailer, but nothing is encrypted. An ICV is generated using HMAC-SHA1.

Transform Lifetime Negotiation

The transform lifetimes configured are the preferred lifetimes. The actual lifetimes used depends on negotiations with the remote system.

If the local system initiates the IPSec negotiations, the ISAKMP daemon will send the preferred lifetime to the remote system. The remote system may process this value in any manner according to the IPSec protocol specification.

If the remote system initiates the IPSec negotiations, the ISAKMP daemon will accept the lifetime sent by the remote system, within the range specified by the IPSec protocol.