From IKE RFC: rfc 2409
Attribute Assigned Numbers
Attributes negotiated during phase one use the following definitions.
Phase two attributes are defined in the applicable DOI specification
(for example, IPsec attributes are defined in the IPsec DOI), with
the exception of a group description when Quick Mode includes an
ephemeral Diffie-Hellman exchange. Attribute types can be either
Basic (B) or Variable-length (V). Encoding of these attributes is
defined in the base ISAKMP specification as Type/Value (Basic) and
Type/Length/Value (Variable).
Attributes described as basic MUST NOT be encoded as variable.
Variable length attributes MAY be encoded as basic attributes if
their value can fit into two octets. If this is the case, an
attribute offered as variable (or basic) by the initiator of this
protocol MAY be returned to the initiator as a basic (or variable).
Attribute Classes
class value type
-------------------------------------------------------------------
Encryption Algorithm 1 B
Hash Algorithm 2 B
Authentication Method 3 B
Group Description 4 B
Group Type 5 B
Group Prime/Irreducible Polynomial 6 V
Group Generator One 7 V
Group Generator Two 8 V
Group Curve A 9 V
Group Curve B 10 V
Life Type 11 B
Life Duration 12 V
PRF 13 B
Key Length 14 B
Field Size 15 B
Group Order 16 V
values 17-16383 are reserved to IANA. Values 16384-32767 are for
private use among mutually consenting parties.
Class Values
- Encryption Algorithm Defined In
DES-CBC 1 RFC 2405
IDEA-CBC 2
Blowfish-CBC 3
RC5-R16-B64-CBC 4
3DES-CBC 5
CAST-CBC 6
values 7-65000 are reserved to IANA. Values 65001-65535 are for
private use among mutually consenting parties.
- Hash Algorithm Defined In
MD5 1 RFC 1321
SHA 2 FIPS 180-1
Tiger 3 See Reference [TIGER]
values 4-65000 are reserved to IANA. Values 65001-65535 are for
private use among mutually consenting parties.
- Authentication Method
pre-shared key 1
DSS signatures 2
RSA signatures 3
Encryption with RSA 4
Revised encryption with RSA 5
values 6-65000 are reserved to IANA. Values 65001-65535 are for
private use among mutually consenting parties.
- Group Description
default 768-bit MODP group (section 6.1) 1
alternate 1024-bit MODP group (section 6.2) 2
EC2N group on GP[2^155] (section 6.3) 3
EC2N group on GP[2^185] (section 6.4) 4
values 5-32767 are reserved to IANA. Values 32768-65535 are for
private use among mutually consenting parties.
- Group Type
MODP (modular exponentiation group) 1
ECP (elliptic curve group over GF[P]) 2
EC2N (elliptic curve group over GF[2^N]) 3
values 4-65000 are reserved to IANA. Values 65001-65535 are for
private use among mutually consenting parties.
- Life Type
seconds 1
kilobytes 2
values 3-65000 are reserved to IANA. Values 65001-65535 are for
private use among mutually consenting parties. For a given "Life
Type" the value of the "Life Duration" attribute defines the actual
length of the SA life-- either a number of seconds, or a number of
kbytes protected.
- PRF
There are currently no pseudo-random functions defined.
values 1-65000 are reserved to IANA. Values 65001-65535 are for
private use among mutually consenting parties.
- Key Length
When using an Encryption Algorithm that has a variable length key,
this attribute specifies the key length in bits. (MUST use network
byte order). This attribute MUST NOT be used when the specified
Encryption Algorithm uses a fixed length key.
- Field Size
The field size, in bits, of a Diffie-Hellman group.
- Group Order
The group order of an elliptical curve group. Note the length of
this attribute depends on the field size.
Additional Exchanges Defined-- XCHG values
Quick Mode 32
New Group Mode 33