[Swan-dev] IKEv1 ike=aes preferring AES128 over AES256?

Paul Wouters paul at nohats.ca
Wed Feb 1 18:46:56 UTC 2017


RFCs 7321bis and 4307bis make 256-bit keys a MUST, so these are assumed implemented. I think preferring the stronger one everywhere is better, and those who for some reason want 128 can do so manually.



> On Feb 1, 2017, at 13:14, Andrew Cagney <andrew.cagney at gmail.com> wrote:
> 
> For IKEv1, given a line like ike=aes (I suspect technically it is
> something like phase1=aes), pluto proposes:
> 
>   encr=aes, keylen=128,256
> 
> leading it to prefer 128 over 268 (look for the code following the
> comment 'This odd FOR loop' in spdb_struct.c).  However, if nothing at
> all is specified then it proposes:
> 
>   encr=aes,keylen=256
>   encr=aes,keylen=128
> 
> leading to a preference for 256 bit keys (look at spdb.c).
> 
> Should IKEv1 IKE be more consistent and always prefer the stronger 256
> bit key length (i.e., the max key len)?
> 
> Andrew
> 
> (this would also make it consistent with IKEv2)
> (ESP, with different code, would still prefer 128 bit keys)
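The two proposal orderings Andrew describes, as an added example (not libreswan/pluto code): it expands proposal lines written in the thread's `encr=aes, keylen=128,256` notation into the order the peer would see, flags any cipher whose shorter key length is offered ahead of a longer one, and reorders the list strongest-first. The line format, the use of 0 for fixed-length ciphers, and the sample inputs are assumptions constructed for this example.

```python
import re
from typing import List, Tuple

# (cipher, key length in bits); 0 marks a fixed-length cipher such as 3des
Proposal = Tuple[str, int]

def expand_proposals(lines: List[str]) -> List[Proposal]:
    """Expand lines like 'encr=aes, keylen=128,256' into the proposals
    in the order they would be offered to the peer (one per key length)."""
    out: List[Proposal] = []
    for line in lines:
        encr = re.search(r"encr=(\w+)", line)
        if not encr:
            raise ValueError(f"no encr= in proposal line: {line!r}")
        keylen = re.search(r"keylen=([\d,]+)", line)
        lens = [int(k) for k in keylen.group(1).split(",")] if keylen else [0]
        out.extend((encr.group(1).lower(), k) for k in lens)
    return out

def weaker_first(proposals: List[Proposal]) -> List[Tuple[str, int, int]]:
    """Report (cipher, weaker, stronger) wherever a shorter key of the
    same cipher is offered ahead of a longer one."""
    findings = []
    for i, (enc_a, len_a) in enumerate(proposals):
        for enc_b, len_b in proposals[i + 1:]:
            if enc_a == enc_b and len_a < len_b:
                findings.append((enc_a, len_a, len_b))
    return findings

def strongest_first(proposals: List[Proposal]) -> List[Proposal]:
    """Reorder so each cipher offers its longest key first, keeping the
    ciphers themselves in order of first appearance."""
    first_seen = {}
    for enc, _ in proposals:
        first_seen.setdefault(enc, len(first_seen))
    return sorted(proposals, key=lambda p: (first_seen[p[0]], -p[1]))

# Constructed inputs mirroring the two cases discussed in the thread.
IKE_AES = ["encr=aes, keylen=128,256"]                    # ike=aes: 128 offered first
DEFAULT = ["encr=aes,keylen=256", "encr=aes,keylen=128"]  # no ike= line: 256 first

if __name__ == "__main__":
    for name, lines in (("ike=aes", IKE_AES), ("default", DEFAULT)):
        props = expand_proposals(lines)
        print(name, props, "weaker-first:", weaker_first(props))
        print("  reordered:", strongest_first(props))
```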