This is our old Q&A Site. Please post any new questions and answers at


In ESP decryption table there are the following algorithms: HMAC-SHA-1-96 [RFC2404] HMAC-SHA-256-96 [draft-ietf-ipsec-ciph-sha-256-00] HMAC-SHA-256-128 [RFC4868] HMAC-SHA-384-192 [RFC4868] HMAC-SHA-512-256 [RFC4868]

And in ISAKMP (IKEv2 or IKEv1) decryption table there are the following algorithms: HMAC_SHA1_96 [RFC2404] HMAC_SHA2_256_96 [draft-ietf-ipsec-ciph-sha-256-00] HMAC_SHA2_256_128 [RFC4868] HMAC_SHA2_384_192 [RFC4868] HMAC_SHA2_512_256 [RFC4868]

So, the only difference is the name?

Cheers, Codrut.

asked 08 Aug '16, 02:10

Codrut%20Cristian%20Grosu's gravatar image

Codrut Crist...
accept rate: 0%

They all refer to the same algorithm. The SHA-1 hash function has only one output size while SHA-2 has several ones (256, 384, 512). Whenever you see "SHA256", "SHA384" or "SHA512", it refers to "SHA-2".

permanent link

answered 08 Aug '16, 02:31

Lekensteyn's gravatar image

accept rate: 30%

Thanks alot for clarifying this thing to me.

(08 Aug '16, 02:38) Codrut Crist...
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 08 Aug '16, 02:10

question was seen: 1,599 times

last updated: 08 Aug '16, 02:38

p​o​w​e​r​e​d by O​S​Q​A