|
    |
Tectia client/server solution supports the following cryptographic algorithms and standards.
Table 6.5. Tectia client/server solution supports the following algorithms
| Used for | Algorithm | |
|---|---|---|
| Key exchange | SHA-1: | diffie-hellman-group1-sha1 |
| diffie-hellman-group14-sha1 | ||
| diffie-hellman-group-exchange-sha1 | ||
| SHA-2: | diffie-hellman-group-exchange-sha256 | |
| diffie-hellman-group14-sha224@ssh.com | ||
| diffie-hellman-group14-sha256@ssh.com | ||
| diffie-hellman-group15-sha256@ssh.com[a] | ||
| diffie-hellman-group15-sha384@ssh.com[a] | ||
| diffie-hellman-group16-sha384@ssh.com | ||
| diffie-hellman-group16-sha512@ssh.com | ||
| diffie-hellman-group18-sha512@ssh.com | ||
| diffie-hellman-group-exchange-sha224@ssh.com | ||
| diffie-hellman-group-exchange-sha384@ssh.com | ||
| diffie-hellman-group-exchange-sha512@ssh.com | ||
| Elliptic curve: | ecdh-sha2-nistp256 [a] | |
| ecdh-sha2-nistp384 [a] | ||
| ecdh-sha2-nistp521 [a] | ||
| Edwards-curve: | curve25519-sha256@libssh.org [b] | |
| Public key | RSA (1024, 2048, 3072, 4096, 5120, 6144, 7168, 8192 bits) | |
| ECDSA (256, 384, 521 bits) [a] | ||
| Ed25519 (512 bits) [b] | ||
| DSA (1024, 2048, 3072 bits) | ||
| Data integrity | CryptiCore (Badger) (16-byte key) | |
| hmac-sha1 (20-byte key, FIPS PUB 198) | ||
| hmac-sha1-96 (20-byte key, FIPS PUB 198) | ||
| hmac-md5 (16-byte key) | ||
| hmac-md5-96 (16-byte key) | ||
| hmac-sha2-256 (32-byte key, FIPS PUB 180-3) | ||
| hmac-sha2-512 (64-byte key, FIPS PUB 180-3) | ||
| hmac-sha224@ssh.com (28-byte key, FIPS PUB 198) | ||
| hmac-sha256@ssh.com (16-byte key, FIPS PUB 198) | ||
| hmac-sha256-2@ssh.com (32-byte key, FIPS PUB 198) | ||
| hmac-sha384@ssh.com (48-byte key, FIPS PUB 198) | ||
| hmac-sha512@ssh.com (64-byte key, FIPS PUB 198) | ||
| hmac-sha1-etm@openssh.com (20-byte key, FIPS PUB 198) | ||
| hmac-sha1-96-etm@openssh.com (20-byte key, FIPS PUB 198) | ||
| hmac-sha2-256-etm@openssh.com (32-byte key, FIPS PUB 180-3) | ||
| hmac-sha2-512-etm@openssh.com (64-byte key, FIPS PUB 180-3) | ||
| hmac-md5-etm@openssh.com | ||
| hmac-md5-96-etm@openssh.com | ||
| Session encryption | 3DES (168-bit key) | |
| AES (128-, 192-, or 256-bit key, CBC or CTR mode) | ||
| Arcfour (128-bit key) | ||
| Blowfish (128-bit key) | ||
| CryptiCore (Rabbit) (128-bit key) | ||
| SEED (128-bit key) | ||
| Twofish (128-, 192-, or 256-bit key) | ||
[a] Due to issues in the OpenSSL library, this algorithm is not supported in FIPS mode on HP-UX PA-RISC and IBM AIX. [b] This algorithm is not supported in FIPS mode | ||
| |
Copyright 
2021 SSH Communications Security Corporation
This software is protected by international copyright laws. All rights reserved.
Contact Information