The other day, while I was poking around the C'Punk FTP site, I ran across swIPe, the low-level network security protocol by Matt Blaze and John Ioannidis. I'm not as knowledgeble as many of the people here, but swIPe strikes me as "The Right Way" to apply crypto to net-communications. Instead of having secure email, secure mosaic, secure telnet, etc., you have secure IP traffic. It's comparatively simple, it's very flexible, and it's transparent. I haven't heard much about swIPe, and I was wondering if someone could bring me up to speed on it, let me know the status of the project, the conventional wisdom, etc. In particular, I'd like to know if anyone uses swIPe with Linux. Also, I'm curious about the practicality of using swIPe as a component in a larger secure mail (or secure anything) system. If I understand the situation properly, swIPe would only be one piece of a total security system. You'd still need to protect against unauthorized break-ins on your machine, and you'd still have to trust root, you'd still depend on the OS's built-in security, you'd still need a CFS type of program to store your swIPe keys, etc. Finally (I know I'm asking a lot of questions here), does anyone have any pointers to anything about the key-exchange system (apart from what was at soda)? Thanks, Alex
alex says:
The other day, while I was poking around the C'Punk FTP site, I ran across swIPe, the low-level network security protocol by Matt Blaze and John Ioannidis.
The code is just by JI, actually. Phil Karn has done a seperate experimental implementation
I'm not as knowledgeble as many of the people here, but swIPe strikes me as "The Right Way" to apply crypto to net-communications. Instead of having secure email, secure mosaic, secure telnet, etc., you have secure IP traffic. It's comparatively simple, it's very flexible, and it's transparent.
Its sufficient for all protocols on which authentication and encryption have to be done on the link -- things like Telnet, for example. For things like Email, its not adequite, because the store and forward nature of the data means that you need authentication over the data and not over the link.
I haven't heard much about swIPe, and I was wondering if someone could bring me up to speed on it, let me know the status of the project, the conventional wisdom, etc. In particular, I'd like to know if anyone uses swIPe with Linux.
There is a (moribund) mailing list, swipe-request@cs.columbia.edu will get you on to it. There is also a successor protocol that has been developed by the IETF's IPSEC working group, called IPSP, which is essentially a simplification of swIPe; I'm editing the draft RFCs. Perry
participants (2)
-
alex -
Perry E. Metzger