Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program CAVP

Description
Set of algorithms in support of the Cisco Libreswan module
Version
1.0
Type
SOFTWARE
Vendor
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA
Contacts
Clint Winebrenner
cwinebre@cisco.com
(919) 392-6520

Validations

Number
Date
Operating Environments
Algorithm Capabilities
C84
12/17/2018
  • CentOS 7.4 on Intel Xeon
    • software
    • processor
      • manufacturer: Intel
  • HMAC-SHA-1
    • MAC: 80, 96, 128, 160
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-256
    • MAC: 128, 192, 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-384
    • MAC: 192, 256, 320, 384
    • Key sizes < block size
    • Key sizes > block size
    • Key size = block size
    Prerequisites:
  • HMAC-SHA2-512
    • MAC: 256, 320, 384, 448, 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • KDF IKEv1
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 224
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 256-512
        • Diffie-Hellman Shared Secret Length: 224
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 256-512
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 256-512
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 224
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • SHA-1
    • Message Length: 8-51200 Increment 8
  • SHA-256
    • Message Length: 8-51200 Increment 8
  • SHA-384
    • Message Length: 8-102400 Increment 8
  • SHA-512
    • Message Length: 8-102400 Increment 8
  • CentOS 7.4 on Intel Xeon
    • software
    • processor
      • manufacturer: Intel
  • HMAC-SHA-1
    • MAC: 80, 96, 128, 160
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-256
    • MAC: 128, 192, 256
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • HMAC-SHA2-384
    • MAC: 192, 256, 320, 384
    • Key sizes < block size
    • Key sizes > block size
    • Key size = block size
    Prerequisites:
  • HMAC-SHA2-512
    • MAC: 256, 320, 384, 448, 512
    • Key sizes < block size
    • Key size = block size
    • Key sizes > block size
    Prerequisites:
  • KDF IKEv1
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 224
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Digital Signature
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 256-512
        • Diffie-Hellman Shared Secret Length: 224
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 256-512
        • Diffie-Hellman Shared Secret Length: 8192
        • Hash Algorithm: SHA-1, SHA2-256
      • Capabilities:
        • Authentication Method: Pre-shared Key
        • Initiator Nonce Length: 64-2048
        • Responder Nonce Length: 64-2048
        • Preshared Key Length: 256-512
        • Diffie-Hellman Shared Secret Length: 2048
        • Hash Algorithm: SHA-1, SHA2-256
    Prerequisites:
  • KDF IKEv2
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 224
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 8192
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
      • Capabilities:
        • Initiator Nonce Length: 128-2048
        • Responder Nonce Length: 128-2048
        • Diffie-Hellman Shared Secret Length: 2048
        • Derived Keying Material Length: 1056-3072
        • Hash Algorithm: SHA-1, SHA2-256, SHA2-384, SHA2-512
    Prerequisites:
  • SHA-1
    • Message Length: 8-51200 Increment 8
  • SHA-256
    • Message Length: 8-51200 Increment 8
  • SHA-384
    • Message Length: 8-102400 Increment 8
  • SHA-512
    • Message Length: 8-102400 Increment 8
Created October 05, 2016, Updated June 22, 2020