This is a static archive of our old Q&A Site. Please post any new questions and answers at

ESP decryption table vs ISAKMP decryption table



In ESP decryption table there are the following algorithms: HMAC-SHA-1-96 [RFC2404] HMAC-SHA-256-96 [draft-ietf-ipsec-ciph-sha-256-00] HMAC-SHA-256-128 [RFC4868] HMAC-SHA-384-192 [RFC4868] HMAC-SHA-512-256 [RFC4868]

And in ISAKMP (IKEv2 or IKEv1) decryption table there are the following algorithms: HMAC_SHA1_96 [RFC2404] HMAC_SHA2_256_96 [draft-ietf-ipsec-ciph-sha-256-00] HMAC_SHA2_256_128 [RFC4868] HMAC_SHA2_384_192 [RFC4868] HMAC_SHA2_512_256 [RFC4868]

So, the only difference is the name?

Cheers, Codrut.

asked 08 Aug '16, 02:10

Codrut%20Cristian%20Grosu's gravatar image

Codrut Crist...
accept rate: 0%

One Answer:


They all refer to the same algorithm. The SHA-1 hash function has only one output size while SHA-2 has several ones (256, 384, 512). Whenever you see "SHA256", "SHA384" or "SHA512", it refers to "SHA-2".

answered 08 Aug '16, 02:31

Lekensteyn's gravatar image

accept rate: 30%

Thanks alot for clarifying this thing to me.

(08 Aug '16, 02:38) Codrut Crist...