Nortel Networks 608(WL) Manuale Utente
Chapter 3
Configuration via Local Pages
E-DOC-CTC-20051017-0169 v0.1
84
Crypto
The table below shows the encryption algorithms supported by the SpeedTouch™
along with their corresponding key size:
along with their corresponding key size:
DES is relatively slow and is the weakest of the algorithms, but it is the
industry standard.
industry standard.
3DES is a stronger version of DES, but is the slowest of the supported
algorithms (for a comparable key length).
algorithms (for a comparable key length).
AES is the new encryption standard selected by the American government to
replace DES/3DES. It is recommended to use AES since it is the most
advanced of the supported encryption methods.
replace DES/3DES. It is recommended to use AES since it is the most
advanced of the supported encryption methods.
Integrity
The SpeedTouch™ supports two types of hashing algorithms:
HMAC is always used as integrity algorithm, combined with either MD5 or
SHA1.
SHA1.
SHA1 is stronger than MD5, but slightly slower.
Group
The table below shows the supported Diffie-Hellman groups:
Lifetime-secs
The lifetime of a Security Association is specified in seconds:
Algorithm
Valid key lengths (bits)
DES
56
3DES
168
AES
128, 192, 256
Hashing algorithm
MD5
SHA1
Diffie-Hellman group
number
number
number of bits
Keyword
1
768
MODP768
2
1024
MODP1024
5
1536
MODP1536
Lifetime measured in:
Minimum value
Maximum value
seconds
240 (=4 minutes)
31536000 (=1 year)