Encryption Algorithm Suite

Enterprise

Worldwide

Huawei Global - English

- South Africa - English
- Morocco - English
- Brazil - Português
- Mexico - Español
- United Arab Emirates - English
- Saudi Arabia - English
- Australia - English
- China - 简体中文
- Hong Kong, China - English
- India - English
- Japan - 日本語
- South Korea- English
- Kazakhstan - русский
- Malaysia - English
- Singapore - English
- Indonesia - English
- Thailand - English
- Philippines - English
- Austria - Deutsch
- Czech - English
- France - Français
- Germany - Deutsch
- Greece - English
- Hungary- English
- Italy - Italiano
- Poland - English
- Sweden - English
- Russia - русский
- Spain - Español
- Turkey - Türkçe
- United Kingdom - English
- Ukraine - English

Menu
Products and Services
Industries
Technical Support
Partners
Community

Most people search for
Switches Routers Servers Storage Data Center Energy Cloud Computing

OceanStor Dorado 6.1.0 Security Configuration Guide

Rate and give feedback:

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Encryption Algorithm Suite

This chapter describes the TLS encryption algorithm suite supported by OceanStor Dorado V6 series storage systems.

The encryption algorithm suite defines a series of security mechanisms to ensure the security of TLS communication.

Key exchange algorithm: Defines how keys, which are used for data encryption, are exchanged between clients and servers. For example, ECDHE algorithm.
Authentication method: Defines how a client authenticates a server. For example, RSA certificate or no authentication.
Encryption algorithm: Defines how to encrypt data. For example, AES (256-bit or 128-bit).
Hash algorithm: Provides a method for checking whether data has been tampered to ensure data integrity during transmission. For example, SHA-2.

Table E-1 provides the TLS encryption algorithm suite supported by OceanStor Dorado V6 series storage systems.

Table E-1 Encryption algorithm suite

Application	Protocol	Port Number	Encryption Algorithm Suite
DeviceManager (GUI for system management)	TLS 1.2 and TLS 1.3	8088	Two types of encryption suites are supported on DeviceManager: safe and compatible. safe DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-CCM ECDHE-RSA-AES256-SHA384 compatible ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-CCM ECDHE-RSA-AES256-SHA384 NOTE: You can log in to the CLI management interface, run show devicemanager ciphersuite and change devicemanager ciphersuite to query and configure the DeviceManager security suites.
SSH Server (CLI for system management/SFTP service)	SSH V2	22	Ciphers AES128-CTR AES192-CTR AES256-CTR CHACHA20-POLY1305@openssh.com AES128-GCM@openssh.com AES256-GCM@openssh.com KexAlgorithms CURVE25519-SHA256 CURVE25519-SHA256@libssh.org DIFFIE-HELLMAN-GROUP-EXCHANGE-SHA256 HostKeyAlgorithms SSH-ED25519 SSH-ED25519-CERT-V01@openssh.com RSA-SHA2-256 RSA-SHA2-512 MAC HMAC-SHA2-256
HyperMetro services	TLS 1.2	30002	AES256+RSA+SHA256 AES256-GCM-SHA384 AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384
SNMP Agent	SNMPv3	161	MD5 SHA SHA224 SHA256 SHA384 SHA512 DES 3DES AES AES192 AES256

Download

Updated: 2021-03-31

Document ID: EDOC1100140618

Downloads: 102

Average rating:

This Document Applies to these Products

Related Version

Digital Signature File

Digital Signature Authentication Mode

Related Version

Related Documents

Digital Signature File