New algorithm requirements for IKEv 1 Paul Hoffman
- Slides: 7
New algorithm requirements for IKEv 1 Paul Hoffman VPN Consortium
How we got here • IPsec WG decided to deprecate DES many years ago but never acted on it • Many people thought “everyone knows not to use DES or DH Group 1” • Many people were wrong: they appear in almost all implementations, usually as the first choice in the UI
draft-hoffman-ikev 1 -algorithms 01. txt • Proposal to bring the MUSTs and SHOULDs from RFC 2409 up to date for modern and future practice • Only covers IKEv 1, but agrees with what we agreed to in IKEv 2 • Demotes some things (like DES and Tiger) to MAY
What is changing (1) OLD DES: MUST Triple. DES: SHOULD MD 5 and SHA 1: MUST Tiger: SHOULD NEW Triple. DES: MUST AES-128: SHOULD SHA 1: MUST AES-128: SHOULD DH Group 1 (768): MUST DH Group 2 (1024): SHOULD DH Group 2 (1024): MUST DH Group 14 (2048): SHOULD
What is changing (2) OLD NEW DH Group 3 and 4 (elliptic curve): MAY/SHOULD Pre-shared secrets: MUST RSA signatures: SHOULD DSA signatures: SHOULD RSA encryption: SHOULD Pre-shared secrets: MUST RSA signatures: SHOULD
The new MAYs DES for encryption MD 5 and Tiger for hashing Diffie-Hellman MODP group 1 (768) Diffie-Hellman MODP groups with elliptic curves • DSA for authentication with signatures • RSA for authentication with encryption • •
Status • draft-hoffman-ikev 1 -algorithms-01. txt is in IETF-wide last call until Nov. 22 • To be followed by a companion document for IPsec algorithms • Comments should be sent to the IPsec list and the IESG
