Encryption & authentication methods
fastd supports various combinations of ciphers and authentication schemes using
different method providers. All ciphers, message authentication codes (MACs) and
method providers can be disabled during compilation to reduce the binary size.
See Benchmarks for an overview of the performance of the different methods.
Recommended methods
The method salsa2012+umac is recommended for authenticated encryption.
null+salsa2012+umac is the recommended method for authenticated-only operation.
Salsa20/12 is a stream cipher with very high speed and a very comfortable security margin.
It was chosen for the software profile in the eSTREAM project in 2008.
UMAC is an extremely fast message authentication code which is provably
secure and optimized for software implementations.
List of methods
Encrypted methods
| Method | Method provider | Cipher | MAC | Notes |
|---|---|---|---|---|
| aes128-gcm | generic-gmac | aes128-ctr | ghash | |
| salsa20+gmac | generic-gmac | salsa20 | ghash | |
| salsa2012+gmac | generic-gmac | salsa2012 | ghash | |
| aes128-ctr+umac | generic-umac | aes128-ctr | uhash | |
| salsa20+umac | generic-umac | salsa20 | uhash | |
| salsa2012+umac | generic-umac | salsa2012 | uhash | |
| aes128-ctr+poly1305 | generic-poly1305 | aes128-ctr | none | |
| salsa20+poly1305 | generic-poly1305 | salsa20 | none | |
| salsa2012+poly1305 | generic-poly1305 | salsa2012 | none | |
This list is not exhaustive. It is possible to combine different ciphers for
data and authentication tag encryption using the composed-gmac and composed-umac
method providers; these methods aren’t listed here as this is not very useful.
Authenticated-only methods
| Method | Method provider | Cipher | MAC | Notes |
|---|---|---|---|---|
| null+aes128-gmac | composed-gmac | aes128-ctr | ghash | |
| null+salsa20+gmac | composed-gmac | salsa20 | ghash | |
| null+salsa2012+gmac | composed-gmac | salsa2012 | ghash | |
| null+aes128-ctr+umac | composed-umac | aes128-ctr | uhash | |
| null+salsa20+umac | composed-umac | salsa20 | uhash | |
| null+salsa2012+umac | composed-umac | salsa2012 | uhash | |
Methods without security
| Method | Method provider | Cipher | MAC | Notes |
|---|---|---|---|---|
| null@l2tp | null-l2tp | none | none | |
| null | null | none | none | |