Transforms
What’s currently specified
- MUST: 3DES-CBC, HMAC-SHA1
- SHOULD NOT: DES
- SHOULD: AES-CTR and CBC-MAC w/XCBC
Issues
- Required rekey interval of 3DES-CBC at speeds of ɭ Gbps
- Making the AES transforms MUST-implement
- With or without demoting 3DES-CBC and HMAC-SHA1 to SHOULD or MAY
- Demotion could create interoperability problems between IPS hardware implementations and IPsec software implementations, where 3DES and HMAC-SHA1 are ubiquitous
- IPsec WG transform standardization status
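The rekey-interval issue above comes from the 64-bit block size of 3DES. The following is an added illustration, not part of the slides, and it assumes the conventional birthday-bound rule that a CBC cipher with an n-bit block should not encrypt more than 2**(n/2) blocks under one key; the link speeds it evaluates are constructed inputs, since the slide does not list specific figures.

```python
"""Added example (not from the slides): why 3DES-CBC needs frequent
rekeying at Gbps link speeds, while the 128-bit-block AES transforms do not.

Assumption (standard birthday-bound reasoning, not stated on the slide):
a CBC-mode cipher with an n-bit block should process no more than
2**(n/2) blocks under one key, because beyond that point colliding
ciphertext blocks become likely and each collision leaks the XOR of two
plaintext blocks.
"""

# Block sizes in bits for the transforms the slide discusses.
# AES-CTR is included only for comparison; it shares the 128-bit block,
# and the same 2**64-block ceiling is applied here as a simplification.
BLOCK_BITS = {"3DES-CBC": 64, "AES-CBC": 128, "AES-CTR": 128}


def max_bytes_per_key(block_bits: int) -> int:
    """Bytes that may be encrypted under one key before the birthday bound
    (2**(block_bits/2) blocks) is reached."""
    max_blocks = 2 ** (block_bits // 2)
    return max_blocks * (block_bits // 8)


def rekey_interval_seconds(block_bits: int, link_gbps: float) -> float:
    """Seconds until the birthday bound is reached when the link is saturated
    with traffic under a single key (link_gbps in units of 10**9 bits/s)."""
    bits_per_key = max_bytes_per_key(block_bits) * 8
    return bits_per_key / (link_gbps * 1e9)


def rekey_table(link_speeds_gbps) -> dict:
    """Rekey interval for each transform at each link speed (the speeds are
    constructed inputs chosen by the caller)."""
    return {
        name: {gbps: rekey_interval_seconds(bits, gbps) for gbps in link_speeds_gbps}
        for name, bits in BLOCK_BITS.items()
    }


if __name__ == "__main__":
    # Constructed link speeds for illustration; 3DES-CBC lands in the
    # minutes-to-seconds range, AES in the thousands of years.
    for name, row in rekey_table([1.0, 10.0]).items():
        for gbps, secs in row.items():
            print(f"{name:8s} at {gbps:4.0f} Gbps: rekey every {secs:.3g} s")
```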