[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IPSEC Implementation Survey
The following nine individuals and vendors have responded to the IPSEC
implementation survey.
ERPIPSEC
ETHZ / ENskip
IBM
JI
KA9Q NOS
Morning Star SecureConnect
Network Systems BorderGuard and Security Router
NRL
Sun ICG
TimeStep PERMIT
USC/ISI
The results of this first survey (as of February 26, 1996) are provided below.
_______________________________________________________________________
Name of Implementation: ERPIPSEC, BELLCORE, Antonio Fernandez
Security Protocols: ESP, AH
Security Transforms: ESP-DES, AH-MD5_128,64,32
Key Management: manual
Location of Source Code: proprietary
Point of Contact: Antonio Fernandez,
afa@bellcore.com
_______________________________________________________________________
Name of Implementation: ETHZ / ENskip
Security Protocols: SKIP (draft 6), limited AH & ESP (SPI=1)
Security Transforms: ESP-DES, ESP-3DES, ESP-IDEA, ESP-RC4, AH-MD5
(some of these transforms are
not yet standarized)
Key Management: only via SKIP, (manual, X.509 and
'DH public value' keying).
(plus non-standardized PFS)
Lineage of Code: Works under Solaris 2.4+, IRIX, NetBSD, Nextstep.
Location of Source Code: ftp://ftp.tik.ee.ethz.ch/pub/packages/skip
(X.509 and PFS not yet publicly available)
Point of Contact: skip@tik.ee.ethz.ch
_______________________________________________________________________
Name of Implementation: IBM
Security Protocols: ESP, AH, both tunnel and transport mode
Security Transforms: ESP-DES (32-bit and 64-bit IV), keyed-MD5,
new keyed-MD5 proposed by Hugo
Key Management : Manual+Fast Key Refreshment>,
SKEME (in progress), Photuris (in Progress)
Lineage of Code: IBM Proprietary, about 10k to 15K lines
(rough estimate, including ESP,
AH, and Key Management).
Location of Source Code: Proprietary
Point of Contact: pau@yktvmv.vnet.ibm.com
_______________________________________________________________________
Name of Implementation: JI
Security Protocols: ESP, AH, Protocol-4 encapsultation
Security Transforms: ESP-DES, AH-MD5
Key Management: manual, Photuris; PF_ENCAP keying i/f,
PF_ROUTE extensionsl
Lineage of Code: Written from scratch,
entirely in Greece, for BSD/OS 2.0,
Location of Source Code: ji's home machine
The promised end-January-96 release
is not ready yet; it should be (freely) available
from ftp.ripe.net RSN.
Point of Contact: ji@hol.gr
_______________________________________________________________________
Name of Implementation: KA9Q NOS
Security Protocols: ESP, AH
Security Transforms: ESP-DES & ESP-DES3, each with 0,32 and 64-bit IVs;
keyed MD5
Key Management: manual
Lineage of Code: scratch
Location of Source Code: Not yet released. Will release soon,
modulo export rules
Point of Contact: karn@unix.ka9q.ampr.org
________________________________________________________________________
Name of Implementation: Morning Star SecureConnect
Security Protocols: ESP, AH
Security Transforms: ESP-DES, AH-MD5
Key Management: manual
Lineage of Code: scratch
Location of Source Code: proprietary
Point of Contact: Karl Fox
<karl@morningstar.com>
_______________________________________________________________________
Name of Implementation: Network Systems BorderGuard and Security Router
Security Protocols: Proprietary
Security Transforms: Des, Idea, 3DES, NSC1 (proprietary),
MD5, Replay, D-H and RSA
Key Management: Proprietary
Lineage of Code: scratch
Location of Source Code: proprietary
Point of Contact: Ted Doty
<ted@kgbvax.network.com>
________________________________________________________________________
Name of Implementation: NRL
Security Protocols: ESP, AH -- for BOTH IPv4 and IPv6
Security Transforms: ESP-DES, AH-MD5
Key Management: manual,
PF_KEY interface for key management daemons
Lineage of Code: derived from and portable to 4.4-Lite BSD
Location of Source Code: ftp://ftp.ripe.net/ipv6/nrl/IPv6_domestic.tar.gz
for the September 1995 alpha release.
January 1996 alpha-2 release is not yet at an
ftp site, but should appear soon in the
protected "US-only" archives at ftp.c2.org.
Point of Contact: ipv6-bugs@cs.nrl.navy.mil
_______________________________________________________________________
Name of Implementation: Sun ICG
Security Protocols: ESP, AH, proprietary
Security Transforms: ESP-DES, ESP-DES3, AH/KEYED MD5
Key Management: SKIP
Lineage of Code:
Location of Source Code: http://skip.incog.com
Point of Contact: markson@incog.com
_______________________________________________________________________
Name of Implementation: TimeStep PERMIT
Security Protocols: ESP, AH, proprietary
Security Transforms: ESP-DES
Key Management: proprietary, manual
Lineage of Code: from scratch
Location of Source Code: proprietary
Point of Contact: Stephane Lacelle
slacelle@timestep.com
_______________________________________________________________________
Name of Implementation: USC/ISI
Security Protocols: IPv4 AH
Security Transforms: null, Internet checksum, MD5, proprietary
null and Internet checksum
for performance measurement
Key Management: Statically configured keys
implementation for performance measurement only
Lineage of Code: SunOS 4.1.3, using "from scratch" and code
adapted from the NRL IPv6 BSDI implementation
Location of Source Code: to be announced in March
Point of Contact: Joe Touch,
touch@isi.edu