List:       strongswan-announce
Subject:    Re: [strongSwan-dev] Please advise which is the best option and a way forward
From:       Noel Kuntze <noel.kuntze+strongswan-dev-ml () thermi ! consulting>
Date:       2022-10-07 21:14:00
Message-ID: 96850ec6-7382-c907-3b1a-018d7e167e93 () thermi ! consulting

Hi Hilly,

Some things.

GMAC is a MAC, not a cipher. AES-256 in the description means AES-CBC-256. The
keyword for that is just "aes256". Whether SHA256-128 or SHA256-96 depends on the
other peer. The -96 version is the non-standardized one. Ask staff operating the
other peer for details on what they use. You're more constrained by what the kernel
you're using can do because it's processing the traffic (using the negotiated esp
proposal).

The proposal your client asked for is ...
ike=aes256-sha256-ecp256!
esp=aes256-sha256!

You can of course ask them to use AES-GCM and AES-XCBC.

Kind regards
Noel

On 07.10.22 10:04, Hilly B wrote:
> Hi Developers,
> 
> We are running on Centos 7 and we have installed strongswan-5.7.2-1.el7.x86_64
> already installed and the latest version.
> Our client will allow us to connect to them using:
> Phase 1:
> Authentication Method !! Pre-Shared Secret, to be exchanged over the phone (SMS) only
> Encryption Schema IKEv2
> Diffie-Hellman Group- IKE DH Group-19
> Encryption Algorithm AES-256
> Hashing Algorithm SHA-256
> PRF SHA-256
> Renegotiate IKE SA every 86400 seconds
> 
> Phase 2:
> IPSec IPSec
> Encryption Algorithm IPSec AES-256
> Hashing Algorithm IPSec SHA-256
> Renegotiate IPSec SA every 28800 seconds
> PFS No PFS
> Mode Main Mode
> 
> I've been through the documentation from
> https://wiki.strongswan.org/projects/1/wiki/IKEv2CipherSuites and since we
> don't have Strong Swan 5.8.x we are limited in what we can use;
> _Option 1:_
> We have asked the client if we can use these alternate protocols that are
> supported with Strongswan 5.7.
> For Phase 1:
> Instead of DH Group-19    use DH Group 18
> Instead of AES-256 use aes256gmac
> Instead of SHA-256 use sha256_96
> For PRF instead of SHA-256 use AES XCBC
> 
> For Phase 2: IPsec
> Instead of AES-256 use aes256gmac
> Instead of SHA-256 use sha256_96
> 
> Question 1:
> However it's not clear in the documentation
> https://wiki.strongswan.org/projects/1/wiki/IKEv2CipherSuites. For IPsec and
> StrongSwan 5.7 can you use aes256gmac instead of AES-256 and sha256_96 instead of
> SHA-256?
> Question 2:
> If this is possible with StrongSwan 5.7 how do you implement aes256gmac
> IPSec Encryption Algorithm and sha256_96 IPSec Hashing Algorithm? Or are there
> alternate options supported by StrongSwan 5.7?
> _Option 2:_
> Build Strongswan 5.8.x on Centos 7
> However from this post it seems it may not work
> https://wiki.strongswan.org/issues/3229
> Question 3:
> Has anyone successfully built Strongswan 5.8.x or later on Centos 7 and if so would
> they be so kind as to share their instructions on how to do it?
> Thanks for any assistance.
> 
> 

-- 
Noel Kuntze
IT security consultant

GPG Key ID: 0x0739AD6C
Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C
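
Added example, not part of Noel's message and not taken from the strongSwan documentation: an ipsec.conf connection that combines the two proposal strings from the reply with the IKEv2, pre-shared-secret and lifetime requirements from the client's sheet. The connection name, addresses, subnets and secret are constructed placeholders.

```conf
# /etc/ipsec.conf (legacy ipsec.conf syntax, matching the ike=/esp= keywords above)

# "client-tunnel" is a hypothetical connection name.
conn client-tunnel
    # Client sheet: IKEv2 with a pre-shared secret
    keyexchange=ikev2
    authby=secret

    # Phase 1: AES-CBC-256, HMAC-SHA-256, DH group 19 (ecp256).
    # With no explicit PRF keyword, the PRF follows the integrity
    # algorithm, i.e. SHA-256 as the sheet asks.
    # The trailing "!" restricts negotiation to exactly this proposal.
    ike=aes256-sha256-ecp256!
    ikelifetime=86400s

    # Phase 2: AES-CBC-256 with HMAC-SHA-256 truncated to 128 bits.
    # No DH group in the ESP proposal corresponds to "No PFS".
    esp=aes256-sha256!
    # Only if the operators of the other peer confirm the 96-bit truncation:
    # esp=aes256-sha256_96!
    lifetime=28800s

    # Constructed placeholder endpoints and traffic selectors
    left=192.0.2.10
    leftsubnet=10.10.0.0/24
    right=203.0.113.20
    rightsubnet=10.20.0.0/24
    auto=start

# /etc/ipsec.secrets is a separate file; the secret below is a placeholder.
# 192.0.2.10 203.0.113.20 : PSK "<pre-shared-secret>"
```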

