HIPL

Algorithms

Asked by Abinaya

Sir,

Can you please tell me the algorithms supported by InfraHIP?

Are RSA and DSA only used in the base exchange in InfraHIP?

Wat are the algorithms supported for ESP? Are they AES and 3DES?

When i ran hipconf i got
transform order <integer> (1=AES, 2=3DES, 3=NULL).

Question information

Language:
English Edit question
Status:
Answered
For:
HIPL Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Miika Komu (miika-iki) said : 		#1

Yes, AES, 3DES and NULL. See e.g. "man setkey" for list of algos and the standard for recommended list of algos:

http://tools.ietf.org/html/draft-ietf-hip-rfc5202-bis#section-5.1.2

If you did not find your favorite algo, please consider to contribute. Adding new algos should be trivial (try e.g. grep -r HIP_ESP_3DES .)

You did ask this but experimental support for elliptic curve HIs exists as well ("hipconf add hi all").

Revision history for this message
Abinaya (abeenaya) said : 		#2

Thank you.
How to check which algorithm is used currently for ESP (AES or 3DES or NULL)?
Does the command hipconf transform order help to set the algorithm to be used?
eg: Does hipconf transform order 123 means AES is used and hipconf transform order 213 means 3DES is used?

Revision history for this message
Miika Komu (miika-iki) said : 		#3

It's the preference order (decided during the key exchange). Check the "running" algorithm with "ip xfrm state" or "setkey -D".

Revision history for this message
Abinaya (abeenaya) said : 		#4

What are the hash algorithms supported by HIP for ESP?
is it only HMAC with SHA-1?

Revision history for this message
Miika Komu (miika-iki) said : 		#5

Have a look at the beginning of hip_create_r1() in hipd/output.c.

Can you help with this problem?

Provide an answer of your own, or ask Abinaya for more information if necessary.

To post a message you must log in.