Chapter 4
Configuration via the Command Line Interface
Cryptographic function [crypto]
The table below shows the encryption algorithms supported by the SpeedTouch™ along with their corresponding key size:
Algorithm | Valid key sizes | Popular sizes | Default size |
| (bits) |
|
|
|
|
|
|
DES | 56 | 56 | 56 |
|
|
|
|
3DES | 168 | 168 | 168 |
|
|
|
|
AES | 128, 192, 256 | 128, 192, 256 | - |
|
|
|
|
DES is relatively slow and is the weakest of the algorithms, but it is the industry standard.
3DES is a stronger version of DES, but is the slowest of the supported algorithms (for a comparable key length).
AES is the new encryption standard selected by the American government to replace DES/3DES. It is recommended to use AES since it is the most advanced of the supported encryption methods.
Key length [keylen] The SpeedTouch™ supports 3 different key lengths for the AES encryption algorithm. The keylen parameter assigns the key length for this algorithm. Three values are valid, as specified in the table above.
The DES and 3DES algorithms have a fixed key length. For these algorithms the [keylen] parameter is not shown in the CLI.
Authentication Hashing The SpeedTouch™ supports two types of hashing algorithms: function [integrity]
Hashing algorithm
MD5
SHA1
HMAC is always used as integrity algorithm, combined with either MD5 or
SHA1.
SHA1 is stronger than MD5, but slightly slower.
| number of bits | Keyword |
number |
|
|
|
|
|
1 | 768 | MODP768 |
|
|
|
2 | 1024 | MODP1024 |
|
|
|
5 | 1536 | MODP1536 |
|
|
|
112 | |
|
