On Mon, Apr 20, 2020 at 12:52:24PM +0200, Stephan Mending wrote:
> Hi,
> I was wondering if there was a reason why there are no AEAD Suites
> implemented for initial IKEX in iked or phase 1 in isakmpd? Even though
> iked's childSAs support it and Phase 2 in isakmpd does as well? Is it just
> lack of time? Because for example strongswan does support exactly that,
> using GCM Suites and/or Chacha20Poly1305.
> 
> Thanks for your time. 
> 
> Best regards, 
> Stephan
> 

The quick answer would be: "No one bothered to implement it."

It is on my list of planned features for iked, but honestly having
AEADs in the IKE SA is not really a priority.

The main reason to prefer AEADs is their better performance.
The amount of data exchanged in phase 1 (or the IKE SA) is negligible
because it is only used for encrypting the key exchange messages.
The Child SAs (which are used for ESP) are where performance and
throughput actually matter.

- Tobias
