
Over the years, numerous cryptographic algorithms have been developed and used in many different protocols and functions. Steady advances in computing and the science of cryptanalysis have made it necessary to adopt newer, stronger algorithms and larger key sizes. Older algorithms are supported in current products to ensure backward compatibility and interoperability. However, some older algorithms and key sizes no longer provide adequate protection from modern threats and should be replaced. This paper summarizes the security of cryptographic algorithms and parameters, gives concrete recommendations regarding which cryptography should be used and which cryptography should be replaced, and describes alternatives and mitigations.

The following table can help customers migrate from legacy ciphers to current or more secure ciphers. The table explains each cryptographic algorithm that is available, the operations that each algorithm supports, and whether an algorithm is Cisco's best recommendation. Customers should pay particular attention to algorithms designated as Avoid or Legacy. The status labels are explained following the table.

Transport Layer Security and Cipher Suites

Appendix A: Minimum Cryptography Recommendations

Internet Key Exchange in VPN Technologies

IPsec VPN with Encapsulating Security Payload

Recommendations for Cryptographic Algorithms

Cryptographic Algorithm Configuration Guidelines
