[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
IPsec Implementation Survey - March 22
Minor errors (like the mailing list address) and one addition to the ipsec
implementation survey are attached below.
Paul
--------------
The following 18 individuals and vendors have responded to the IPSEC
implementation survey.
ERPIPSEC
ETHZ / ENskip
GTFW-GD
IBM
JI
KA9Q NOS
Morning Star
Network Systems
NIST/NSA
NRL
Raptor Systems
Sidewinder
Sun ICG
TimeStep PERMIT
TIS Gauntlet
USC/ISI
V-ONE SmartWall
The results of this survey (as of March 22, 1996) are provided below. Please
submit any updates or new entries to the ipsec mailing list (ipsec@tis.com)
Paul A. Lambert
IPsec Co-Chair
_______________________________________________________________________
Name of Implementation: ERPIPSEC, BELLCORE, Antonio Fernandez
Security Protocols: ESP, AH
Security Transforms: ESP-DES, AH-MD5_128,64,32
Key Management: manual
Location of Source Code: proprietary
Point of Contact: Antonio Fernandez,
afa@bellcore.com
_______________________________________________________________________
Name of Implementation: ETHZ / ENskip
Security Protocols: SKIP (draft 6), limited AH & ESP (SPI=1)
Security Transforms: ESP-DES, ESP-3DES, ESP-IDEA, ESP-RC4, AH-MD5
(some of these transforms are
not yet standarized)
Key Management: only via SKIP, (manual, X.509 and
'DH public value' keying).
(plus non-standardized PFS)
Lineage of Code: Works under Solaris 2.4+, IRIX, NetBSD, Nextstep.
Location of Source Code: ftp://ftp.tik.ee.ethz.ch/pub/packages/skip
(X.509 and PFS not yet publicly available)
Point of Contact: skip@tik.ee.ethz.ch
_______________________________________________________________________
Name of Implementation: Gemini Trusted Security Firewall-Guard (GTFW-GD)
Security Protocols: 1. IPSec (ESP,AH): Public-Private
2. IPCSO & IPSec: Private-Private
(IP Crypto-Seal Option)
(Integrity, Authentication, Confidentiality)
Security Transforms: DES, Key MD5, Trusted Crypto-Seals
Key Management: 1. Manual for Trusted Public-Private Internetwork
2. A1 Trusted Distribution Key Management Extended
for Trusted Private-Private Internetwork
3. Customized
Lineage of Code: 1. Trusted Software
2. Platform: GTFW-GD on Gemini Trusted Network
Processor with Integrated Encryption
certified at Class A1
Location of Source Code: Proprietary
Point of Contact: Dr. Tien F. Tao, tft@main.geminisecure.com
_______________________________________________________________________
Name of Implementation: IBM
Security Protocols: ESP, AH, both tunnel and transport mode
Security Transforms: ESP-DES (32-bit and 64-bit IV), keyed-MD5,
new keyed-MD5 proposed by Hugo
Key Management : Manual+Fast Key Refreshment>,
SKEME (in progress), Photuris (in Progress)
Lineage of Code: IBM Proprietary, about 10k to 15K lines
(rough estimate, including ESP,
AH, and Key Management).
Location of Source Code: Proprietary
Point of Contact: pau@yktvmv.vnet.ibm.com
_______________________________________________________________________
Name of Implementation: JI
Security Protocols: ESP, AH, Protocol-4 encapsultation
Security Transforms: ESP-DES, AH-MD5
Key Management: manual, Photuris; PF_ENCAP keying i/f,
PF_ROUTE extensionsl
Lineage of Code: Written from scratch,
entirely in Greece, for BSD/OS 2.0,
Location of Source Code: ji's home machine
The promised end-January-96 release
is not ready yet; it should be (freely) available
from ftp.ripe.net RSN.
Point of Contact: ji@hol.gr
_______________________________________________________________________
Name of Implementation: KA9Q NOS
Security Protocols: ESP, AH
Security Transforms: ESP-DES & ESP-DES3, each with 0,32 and 64-bit IVs;
keyed MD5
Key Management: manual
Lineage of Code: scratch
Location of Source Code: Not yet released. Will release soon,
modulo export rules
Point of Contact: karn@unix.ka9q.ampr.org
________________________________________________________________________
Name of Implementation: Morning Star SecureConnect
Security Protocols: ESP, AH
Security Transforms: ESP-DES, AH-MD5
Key Management: manual
Lineage of Code: scratch
Location of Source Code: proprietary
Point of Contact: Karl Fox
<karl@morningstar.com>
_______________________________________________________________________
Name of Implementation: Network Systems BorderGuard and Security Router
Security Protocols: Proprietary
Security Transforms: Des, Idea, 3DES, NSC1 (proprietary),
MD5, Replay, D-H and RSA
Key Management: Proprietary
Lineage of Code: scratch
Location of Source Code: proprietary
Point of Contact: Ted Doty
<ted@kgbvax.network.com>
_______________________________________________________________________
Name of Implementation: NIST/NSA ESP/AH Implementation
Security Protocols: ESP, AH
Security Transforms: ESP-DES, AH-MD5, AH-SHA, and various others
Key Management: manual, PF_SADB interface
for key management daemons
Lineage of Code: derived from BSD platforms.
Successful installation on
BSD/OS, NetBSD, FreeBSD, and DTOS
Location of Source Code: Public distribution within the US
expected March 1996.
Point of Contact: glenn@snad.ncsl.nist.gov
________________________________________________________________________
Name of Implementation: NRL
Security Protocols: ESP, AH -- for BOTH IPv4 and IPv6
Security Transforms: ESP-DES, AH-MD5
Key Management: manual,
PF_KEY interface for key management daemons
Lineage of Code: derived from and portable to 4.4-Lite BSD
Location of Source Code: ftp://ftp.ripe.net/ipv6/nrl/IPv6_domestic.tar.gz
for the September 1995 alpha release.
January 1996 alpha-2 release is not yet at an
ftp site, but should appear soon in the
protected "US-only" archives at ftp.c2.org.
Point of Contact: ipv6-bugs@cs.nrl.navy.mil
_______________________________________________________________________
Name of Implementation: ONNET, FTP Software, Inc.
Security Protocols: ESP, AH
Security Transforms: ESP-DES, AH-MD5
Key Management: manual
Location of Source Code: proprietary
Point of Contact: Naganand Doraswamy
naganand@ftp.com
Name of Implementation: Raptor Systems
Security Protocols: ESP, AH, both tunnel and transport modes
Security Transforms: ESP-DES (32-bit and 64-bit IV), keyed-MD5
Key Management: manual
Lineage of Code: proprietary
Location of Source Code: proprietary
Point of Contact: jkraemer@raptor.com
_______________________________________________________________________
Name of Implementation: Sun ICG
Security Protocols: ESP, AH, proprietary
Security Transforms: ESP-DES, ESP-DES3, AH/KEYED MD5
Key Management: SKIP
Lineage of Code:
Location of Source Code: http://skip.incog.com
Point of Contact: markson@incog.com
_______________________________________________________________________
Name of Implementation: Secure Computing's Sidewinder Firewall
Security Protocols: ESP, AH
Security Transforms: DES, MD5
Key Management: manual
Lineage of Code: BSD based
Location of Source Code: proprietary
Point of Contact: Troy de Jongh (dejongh@sctc.com)
_______________________________________________________________________
Name of Implementation: TimeStep PERMIT
Security Protocols: ESP, AH, proprietary
Security Transforms: ESP-DES
Key Management: proprietary, manual
Lineage of Code: from scratch
Location of Source Code: proprietary
Point of Contact: Stephane Lacelle
slacelle@timestep.com
_______________________________________________________________________
Name of Implementation: Trusted Information Systems Gauntlet
Security Protocols: ESP, AH Tunnel and Transport modes
Security Transforms: ESP-DES, ESP-3DES
Key Management: Custom, manual
Lineage of Code: NRL derived, BSD/OS
Location of Source Code: proprietary
Point of Contact: Rick Murphy, rick@tis.com
_______________________________________________________________________
Name of Implementation: USC/ISI
Security Protocols: IPv4 AH
Security Transforms: null, Internet checksum, MD5, proprietary
null and Internet checksum
for performance measurement
Key Management: Statically configured keys
implementation for performance measurement only
Lineage of Code: SunOS 4.1.3, using "from scratch" and code
adapted from the NRL IPv6 BSDI implementation
Location of Source Code: to be announced in March
Point of Contact: Joe Touch,
touch@isi.edu
_______________________________________________________________________
Name of Implementation: V-ONE SmartWall
Security Protocols: ESP, AH Tunnel and Transport modes, V-ONE
Mutual Authentication
Security Transforms: ESP-DES, ESP-3DES, RC4, Stream-DES
Key Management: Custom, manual
Lineage of Code: NRL derived, BSD/OS
Location of Source Code: proprietary
Point of Contact: Jason Wang, jswang@v-one.com
_______________________________________________________________________
---- End of Message ----