Hi Tobias, *, thanks for the heads up. I'd see a security benefit by using those chiphers. (-> compared with CBC Ciphers)
Thanks for your time. g, Stephan On Mon, Apr 20, 2020 at 01:36:47PM +0200, Tobias Heider wrote: > Date: Mon, 20 Apr 2020 13:36:47 +0200 > From: Tobias Heider <tobias.hei...@stusta.de> > Subject: Re: AEAD Suites in IKEX (iked) and Phase 1 (isakmpd) > To: Stephan Mending <l...@md5collisions.eu> > Cc: tech@openbsd.org > > On Mon, Apr 20, 2020 at 12:52:24PM +0200, Stephan Mending wrote: > > Hi, > > I was wondering if there was a reason why there are no AEAD Suites > > implemented for initial IKEX in iked or phase 1 in isamkmpd ? Even though > > iked's childSAs > > support it and Phase 2 in isakmpd does as well ? Is it just lack of time ? > > Because for example strongswan does exactly support that. Using GCM Suites > > and/or > > Chacha20Poly1305. > > > > Thanks for your time. > > > > Best regards, > > Stephan > > > > The quick answer would be: "No one bothered to implement it." > > It is on my list of planned features for iked, but honestly having > AEADs in the IKE SA is not really a priority. > > The main reason to prefer AEADs is their better performance. > The amount of data exchanged in phase 1 (or the IKE SA) is negligible > because it is only used for encrypting the key exchange messages. > The Child SAs (which are used for ESP) are where performance and > throughput actually matter. > > - Tobias >