>>>>> "VSC" == Veerabahu Subramanian Chandran <-X (veechand - HCL at Cisco)" > writes:

VSC> From the available documentation/FAQ it is clear that the
VSC> net-snmp binaries like (snmpwalk/snmpget/snmp*) supports only DES
VSC> and AES encryption.

That's correct.

VSC> Is there any roadmap for the support of 3DES, AES256
VSC> encryption algorithms in net-snmp binaries?

There is no standardization done for 3DES and AES256. Although I
believe (know actually) other products exist that support 3DES it's
done based on work that was never well vetted. The AES256 mode was
also defined in early versions of the AES RFC but was later
discarded. However, there is no technical reasons why it can't be
done.

Note that both 3DES and AES256 support require longer keys than what
MD5 or SHA1 can generate, and thus the extra steps needed to produce
longer key material have to be followed and I don't recall off the top
of my head whether or not the internals of the Net-SNMP code base is
able to follow the extra-length key generation mechanisms required by
the KeyChange TC and other issues.

(note that though AES256 support will use longer keys, the entropy in
those keys will still be limited to 160 bits at most assuming the use
of SHA1 (128 for MD5) and assuming passwords or master-keys are used.
Now, you may wish to use it anyway to get the other stronger aspects
of the algorithm as well, but the entropy in you keys won't be
significantly longer unless you manually configure the localized key
material directly)

--
Wes Hardaker
Sparta, Inc.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/...net-snmp-users


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?p...rge&CID=DEVDEV
_______________________________________________
Net-snmp-coders mailing list
Net-snmp-coders@lists.sourceforge.net
https://lists.sourceforge.net/lists/...et-snmp-coders