From e34e2d3cd3d44aa94084b7123f19f2ead1df4375 Mon Sep 17 00:00:00 2001 From: Hans-Joerg Hoexer Date: Tue, 6 Mar 2007 18:26:35 +0000 Subject: Explain, why aesctr has 160 bit keys (128 bit aes key + 32 bit nonce). ok jmc@ --- sbin/ipsecctl/ipsec.conf.5 | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/sbin/ipsecctl/ipsec.conf.5 b/sbin/ipsecctl/ipsec.conf.5 index 9630d4b0579..e4b276ecbf0 100644 --- a/sbin/ipsecctl/ipsec.conf.5 +++ b/sbin/ipsecctl/ipsec.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ipsec.conf.5,v 1.112 2007/02/19 14:20:46 jmc Exp $ +.\" $OpenBSD: ipsec.conf.5,v 1.113 2007/03/06 18:26:34 hshoexer Exp $ .\" .\" Copyright (c) 2004 Mathieu Sauve-Frankel All rights reserved. .\" @@ -557,11 +557,15 @@ Use of DES or Skipjack as an encryption algorithm is not recommended Furthermore, attacks on Skipjack have shown severe weaknesses in its structure. .Pp -Note that DES requires 8 bytes to form a 56-bit key and 3DES requires 24 bytes +DES requires 8 bytes to form a 56-bit key and 3DES requires 24 bytes to form its 168-bit key. This is because the most significant bit of each byte is used for parity. .Pp -Note that using NULL with ESP will only provide authentication. +The keysize of AES-CTR is actually 128-bit. +However as well as the key, a 32-bit nonce has to be supplied. +Thus 160 bits of key material have to be supplied. +.Pp +Using NULL with ESP will only provide authentication. This is useful in setups where AH can not be used, e.g. when NAT is involved. .Pp The following group types are permitted with the -- cgit v1.2.3
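Review bot: in the second hunk (the AES-CTR paragraph added to ipsec.conf.5), the sentence "The keysize of AES-CTR is actually 128-bit." uses the hyphenated form as a predicate and reads awkwardly; suggest "The key size of AES-CTR is actually 128 bits." and a comma after "However" in the next line, e.g. "However, as well as the key, a 32-bit nonce has to be supplied." The paragraph also leaves open how the nonce is handed in alongside the key (whether it forms the trailing part of the single 160-bit key string given to ipsecctl, or is specified separately); one sentence making that explicit would prevent readers from supplying only 128 bits and getting a key-length error. The rest of the hunk (dropping the "Note that" lead-ins and keeping the DES/3DES parity explanation and the NULL/ESP authentication note intact) looks fine, and the insertion/deletion counts match the @@ header.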