Encryption Algorithm Suite
This chapter describes the TLS encryption algorithm suite supported by OceanStor Dorado V6 series storage systems.
The encryption algorithm suite defines a series of security mechanisms to ensure the security of TLS communication.
- Key exchange algorithm: Defines how keys, which are used for data encryption, are exchanged between clients and servers. For example, ECDHE algorithm.
- Authentication method: Defines how a client authenticates a server. For example, RSA certificate or no authentication.
- Encryption algorithm: Defines how to encrypt data. For example, AES (256-bit or 128-bit).
- Hash algorithm: Provides a method for checking whether data has been tampered to ensure data integrity during transmission. For example, SHA-2.
Table E-1 provides the TLS encryption algorithm suite supported by OceanStor Dorado V6 series storage systems.
Application |
Protocol |
Port Number |
Encryption Algorithm Suite |
---|---|---|---|
DeviceManager (GUI for system management) |
TLS 1.2 and TLS 1.3 |
8088 |
Two types of encryption suites are supported on DeviceManager: safe and compatible.
|
SSH Server (CLI for system management) |
SSH V2 |
22 |
|
HyperMetro services |
TLS 1.2 |
30002 |
AES256+RSA+SHA256 AES256-GCM-SHA384 AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 |
SNMP Agent |
SNMPv3 |
161 |
MD5 SHA SHA224 SHA256 SHA384 SHA512 DES 3DES AES AES192 AES256 |