HP-UX IPSec version A.02.01 Administrator's Guide
Product Specifications
HP-UX IPSec Transforms
Appendix A 11
ESP-DES-HMAC-SHA1
ESP using DES-CBC encryption and HMAC-SHA1 to generate with an
ICV.
ESP-3DES-HMAC-MD5
ESP using triple DES-CBC encryption (3DES-CBC; three encryption
iterations, each with a different 56-bit key) and HMAC-MD5 to generate
an ICV.
ESP-3DES-HMAC-SHA1
ESP using 3DES-CBC encryption and HMAC-SHA1 to generate an ICV.
ESP-AES128-HMAC-MD5
ESP using Advanced Encryption Standard encryption with a 128-bit key
(AES128) and HMAC-MD5 to generate an ICV.
ESP-AES128-HMAC-SHA1
Authenticated ESP using AES128 encryption and HMAC-SHA1 to
generate an ICV.
ESP-NULL-HMAC-MD5
ESP header and trailer, but nothing is encrypted. ESP generates an ICV
using HMAC-MD5.
ESP-NULL-HMAC-SHA1
ESP header and trailer, but nothing is encrypted. ESP generates an ICV
using HMAC-SHA1.
Transform Lifetime Negotiation
The transform lifetimes configured are the preferred lifetimes. The
actual lifetimes used depends on negotiations with the remote system.
If the local system initiates the IPsec negotiations, the HP-UX IPSec IKE
daemon will send the preferred lifetime to the remote system. The
remote system may process this value in any manner according to the
IPsec protocol specification.