IPsec-Verschlüsselungsalgorithmen
Sophos Firewall unterstützt die folgenden Verschlüsselungsalgorithmen für IKEv1 und IKEv2 Phase 1 und 2.
IKEv2-Chiffren
Die Sophos Firewall unterstützt diese Verschlüsselungsalgorithmen für IKEv2.
Phase 1
| DH-Gruppe | Verschlüsselung | Authentifizierung |
|---|---|---|
| 1 (DH768) | AES256 | SHA2 512 |
| 2 (DH1024) | AES192 | SHA2 384 |
| 5 (DH1536) | AES128 | SHA2 256 |
| 14 (DH2048) | Kugelfisch | SHA1 |
| 15 (DH3072) | 3DES | MD5 |
| 16 (DH4096) | AES256GCM16 | |
| 17 (DH6144) | AES192GCM16 | |
| 18 (DH8192) | AES128GCM16 | |
| 25 (ecp192) | ||
| 26 (ecp224) | ||
| 19 (ecp256) | ||
| 20 (ecp384) | ||
| 21 (ecp521) | ||
| 27 (ecp224bp) | ||
| 28 (ecp256bp) | ||
| 29 (ecp384bp) | ||
| 30 (ecp521bp) | ||
| 31 (Kurve 25519) |
Phase 2
| DH-Gruppe | Verschlüsselung | Authentifizierung |
|---|---|---|
| Keiner | AES256 | SHA2 512 |
| Wie Phase I | AES192 | SHA2 384 |
| 1 (DH768) | AES128 | SHA2 256 |
| 2 (DH1024) | Kugelfisch | SHA1 |
| 5 (DH1536) | 3DES | MD5 |
| 14 (DH2048) | AES256GCM16 | |
| 15 (DH3072) | AES192GCM16 | |
| 16 (DH4096) | AES128GCM16 | |
| 17 (DH6144) | AES256GMAC | |
| 18 (DH8192) | AES192GMAC | |
| 25 (ecp192) | AES128GMAC | |
| 26 (ecp224) | ||
| 19 (ecp256) | ||
| 20 (ecp384) | ||
| 21 (ecp521) | ||
| 27 (ecp224bp) | ||
| 28 (ecp256bp) | ||
| 29 (ecp384bp) | ||
| 30 (ecp521bp) | ||
| 31 (Kurve 25519) |
IKEv1-Chiffren
Die Sophos Firewall unterstützt diese Verschlüsselungsalgorithmen für IKEv1.
Phase 1
| DH-Gruppe | Verschlüsselung | Authentifizierung |
|---|---|---|
| 1 (DH768) | AES256 | SHA2 512 |
| 2 (DH1024) | AES192 | SHA2 384 |
| 5 (DH1536) | AES128 | SHA2 256 |
| 14 (DH2048) | Kugelfisch | SHA1 |
| 15 (DH3072) | 3DES | MD5 |
| 16 (DH4096) | ZweiFische | |
| 17 (DH6144) | Schlange | |
| 18 (DH8192) | ||
| 25 (ecp192) | ||
| 26 (ecp224) | ||
| 19 (ecp256) | ||
| 20 (ecp384) | ||
| 21 (ecp521) | ||
| 27 (ecp224bp) | ||
| 28 (ecp256bp) | ||
| 29 (ecp384bp) | ||
| 30 (ecp521bp) | ||
| 31 (Kurve 25519) |
Phase 2
| DH-Gruppe | Verschlüsselung | Authentifizierung |
|---|---|---|
| Keiner | AES256 | SHA2 512 |
| Wie Phase I | AES192 | SHA2 384 |
| 1 (DH768) | AES128 | SHA2 256 |
| 2 (DH1024) | Kugelfisch | SHA1 |
| 5 (DH1536) | 3DES | MD5 |
| 14 (DH2048) | AES256GCM16 | |
| 15 (DH3072) | AES192GCM16 | |
| 16 (DH4096) | AES128GCM16 | |
| 17 (DH6144) | AES256GMAC | |
| 18 (DH8192) | AES192GMAC | |
| 25 (ecp192) | AES128GMAC | |
| 26 (ecp224) | ZweiFische | |
| 19 (ecp256) | Schlange | |
| 20 (ecp384) | ||
| 21 (ecp521) | ||
| 27 (ecp224bp) | ||
| 28 (ecp256bp) | ||
| 29 (ecp384bp) | ||
| 30 (ecp521bp) | ||
| 31 (Kurve 25519) |
Weitere Ressourcen