Tom,

On Mon, Feb 18, 2019, at 9:31 PM, Tom Rymes wrote:
> Can anyone point me to some good information for which of the various
> options should be paired together? I've done a fair amount of digging,
> but it's always nice to have some confirmation that my interpretation is
> accurate.
>
> I am working with Strongswan and Windows Roadwarrior clients, and am
> thus limited to (I have omitted some of the weaker options):
>
> Encryption: AES128, AES192, AES256, GCMAES128, GCMAES192, GCMAES256
>
> Integrity: SHA2_256, SHA2_384
>
> Grouptype: MODP2048, ECP256, ECP384
>
>
> Which combinations of encryption and integrity options provide the best
> possible security without wasting computational effort for each of the
> grouptypes?
>
> Many thanks,
>
> Tom

Some useful links:

https://wiki.strongswan.org/projects/strongswan/wiki/SecurityRecommendations
https://wiki.strongswan.org/projects/strongswan/wiki/PublicKeySpeed
https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites

Personally I'm using aes128-sha256-ecp256 - and would use AES GCM but my client side (a home-class Mikrotik) doesn't have hardware acceleration for AES GCM, only for AES CBC.

You may find this older discussion useful too:

https://lists.strongswan.org/pipermail/users/2015-April/007809.html

--
K
