Chapter 3

Configuration via Local Pages

Crypto The table below shows the encryption algorithms supported by the SpeedTouch™ along with their corresponding key size:

Algorithm

DES

Valid key lengths (bits)

56

3DES

168

AES

128, 192, 256

DES is relatively slow and is the weakest of the algorithms, but it is the industry standard.

3DES is a stronger version of DES, but is the slowest of the supported algorithms (for a comparable key length).

AES is the new encryption standard selected by the American government to replace DES/3DES. It is recommended to use AES since it is the most advanced of the supported encryption methods.

Integrity The SpeedTouch™ supports two types of hashing algorithms:

Hashing algorithm

MD5

SHA1

HMAC is always used as integrity algorithm, combined with either MD5 or

SHA1.

SHA1 is stronger than MD5, but slightly slower.

Group The table below shows the supported Diffie-Hellman groups:

Diffie-Hellman group

number of bits

Keyword

number

 

 

 

 

 

1

768

MODP768

 

 

 

2

1024

MODP1024

 

 

 

5

1536

MODP1536

 

 

 

Lifetime-secsThe lifetime of a Security Association is specified in seconds:

Lifetime measured in:

Minimum value

Maximum value

 

 

 

seconds

240 (=4 minutes)

31536000 (=1 year)

 

 

 

84

E-DOC-CTC-20051017-0169 v0.1

 

Page 85 Page 87
Page 86
Image 86
Nortel Networks 620 Algorithm, Valid key lengths bits, Hashing algorithm, Diffie-Hellman group Number of bits Keyword
Page 85 Page 87
Top Page Image Contents