IPsec with D/H or RSA?

IPsec with D/H or RSA?

Post by jero » Thu, 15 Apr 1999 04:00:00



look at the rfc 2401-2412

ipsec uses several cryptographic algorithms. ike (the key negociation
protocol) use Diffie-hellman and may use RSA for the certification.

the RSA algorithm shouldnt be a 'must' in a rfc because it isnt currently
free.


>Where's the "core" RFC/ID of IPsec? I did a quick search and found
>several sources of information but not one that looked as if it was the
>"non-extended core" of what IPsec really is.

>What I'm trying to find out is what algorithm IPsec will use, I thought
>it would be RSA but now I just saw some software that used D/H-keys.
>Surely there must be a "must" stating what algorithm it must support and
>that ought to be RSA, right?

 
 
 

IPsec with D/H or RSA?

Post by Jim Gillogl » Thu, 15 Apr 1999 04:00:00



> What I'm trying to find out is what algorithm IPsec will use, I thought
> it would be RSA but now I just saw some software that used D/H-keys.
> Surely there must be a "must" stating what algorithm it must support and
> that ought to be RSA, right?

An IPSec implementation need not have a public key algorithm,
since it may be manually keyed and still be compliant.  However,
for automatic keying you want RFC 2409, which describes IKE.  D-H
is a MUST, RSA is a SHOULD, and they're performed according to IKE.

--
        Jim Gillogly
        23 Astron S.R. 1999, 23:24
        12.19.6.1.18, 7 Edznab 6 Pop, Second Lord of Night

 
 
 

1. RSA 2048 with RSA 1024 possible?

Hi,

imagine there is the RSA algorithm (upto 1024 bits) implemented in hardware.
Is it possible to develop a mixed SW/HW solution for RSA 2048 using this
Crypto Coprocessor plus some coding? Is it mathematically possible to realize
this?

2. SAM COUPE

3. PGP 6.0.2 w/RSA Ver. PGP 5.5.3 w/RSA

4. SUMMARY: How to trace/catch all refs. made to a file.

5. DH/DSS against RSA, SSL with RSA ...

6. Free Database Benchmarks (TPC, AS3AP, etc.)

7. About IPsec

8. Opinions on CD-Rs

9. IPSEC

10. IPSec on VxWorks

11. Questions of WindNet IPSEC

12. VxWorks and IPSEC

13. VxWorks & IpSec