다음을 통해 공유


Quick Mode Security Association (Windows CE 5.0)

Send Feedback

The quick mode security association is the second phase in a two-phase negotiation process. During the quick mode security negotiation phase, a security association (SA) is negotiated on behalf of the IPSec driver.

The IPSec devices exchange the following requirements for enhancing the security of the data transfer:

  • The IPSec protocol (AH or ESP).
  • The hash algorithm for data integrity and authentication. IPSec uses the following message authentication code (HMAC) algorithms:
    Algorithm Description
    HMAC-MD5 Produces a 128-bit value.
    HMAC-SHA1 Produces a 160-bit value. While somewhat slower than HMAC-MD5, HMAC-SHA1 is more secure.
  • The algorithm for encryption, if it is requested (3DES or DES).

The following table shows the SA parameters for quick mode, in preferential order.

Encryption Integrity Comments
3DES HMAC-MD5 None.
3DES HMAC-SHA None.
DES HMAC-MD5 None.
DES HMAC-SHA None.
- HMAC-MD5 Disabled by default.
- HMAC-SHA Disabled by default.

See Also

Security Association | Main Mode Security Association

Send Feedback on this topic to the authors

Feedback FAQs

© 2006 Microsoft Corporation. All rights reserved.