Tectia client/server solution supports the following cryptographic algorithms and standards.
Table 6.5. Tectia client/server solution supports the following algorithms
Used for | Algorithm | |
---|---|---|
Key exchange | SHA-1: | diffie-hellman-group1-sha1 |
diffie-hellman-group14-sha1 | ||
SHA-2: | ||
diffie-hellman-group14-sha224@ssh.com | ||
diffie-hellman-group14-sha256@ssh.com | ||
diffie-hellman-group15-sha256@ssh.com * | ||
diffie-hellman-group15-sha384@ssh.com * | ||
diffie-hellman-group16-sha384@ssh.com | ||
diffie-hellman-group16-sha512@ssh.com | ||
diffie-hellman-group18-sha512@ssh.com | ||
Public key | DSA (768-, 1024-, 2048-, or 3072-bit key) | |
RSA (768-, 1024-, 2048-, or 3072-bit key) | ||
Data integrity | ||
hmac md5 (16-byte key) | ||
hmac md5-96 (16-byte key) | ||
hmac sha-1(20-byte key, FIPS PUB 198) | ||
hmac sha-1-96 (20-byte key, FIPS PUB 198) | ||
hmac sha224@ssh.com (28-byte key, FIPS PUB 198) | ||
hmac sha256@ssh.com (16-byte key, FIPS PUB 198) | ||
hmac sha256-2@ssh.com (32-byte key, FIPS PUB 198) | ||
hmac sha384@ssh.com (48-byte key, FIPS PUB 198) | ||
hmac sha512@ssh.com (64-byte key, FIPS PUB 198) | ||
Session encryption | 3DES (168-bit key) | |
AES (128-, 192-, or 256-bit key, CBC or CTR mode) | ||
Arcfour (128-bit key) | ||
Blowfish (128-bit key) | ||
SEED (128-bit key) | ||
Twofish (128-, 192-, or 256-bit key) |
* Due to issues in the OpenSSL library, this algorithm is not supported in FIPS mode.