From: “Perry E. Metzger” <perry@imsi.com>
To: Jef Poskanzer <jef@ee.lbl.gov>
Message Hash: c057560541d22347b3ea383203c292607730f43ff71cf76e8804b4733618c166
Message ID: <9406171538.AA02268@snark.imsi.com>
Reply To: <199406171524.IAA00619@hot.ee.lbl.gov>
UTC Datetime: 1994-06-17 15:38:13 UTC
Raw Date: Fri, 17 Jun 94 08:38:13 PDT
From: "Perry E. Metzger" <perry@imsi.com>
Date: Fri, 17 Jun 94 08:38:13 PDT
To: Jef Poskanzer <jef@ee.lbl.gov>
Subject: Re: swipe working on infinity.c2.org
In-Reply-To: <199406171524.IAA00619@hot.ee.lbl.gov>
Message-ID: <9406171538.AA02268@snark.imsi.com>
MIME-Version: 1.0
Content-Type: text/plain
Jef Poskanzer says:
> When I talked to Phil Karn months ago about IP encryption, he was
> talking about encrypting each packet independently - I guess you have
> to do that with IP since it's not a reliable protocol.
Well, you largely have to. In fact, swIPe doesn't necessarily require
that. swIPe in fact requires very little. :-)
> Maybe you could post a quick summary of the encryption mode used?
There isn't one per se -- at least in the sense that none is
standardized since that would be inappropriate. The kind of encryption
gets negotiated in a protocol at another level. swIPe just defines
packet formats, really. If you want details, you ought to look at the
internet draft (on the disk, or available from
ftp://research.att.com/dist/mab), the paper (also on the disk and at
research) and the code.
I believe that the prototype on the disk is just using DES in CBC mode
for the moment, but other modes/cyphers have hooks defined for them.
Ports to new platforms, new cyphers, and new functionality are very
welcome, btw.
Perry
Return to June 1994
Return to “Phil Karn <karn@qualcomm.com>”