Free end-to-end encryption code?

As a side project, to support remote mail and news pickup through the Internet to my company's servers (through a firewall), I've been slowly writing an end-to-end encryption program.

Essentially, the idea is that the client program (say, a mail program) connects to a client "reflector", which lives on the same person's machine. The client reflector connects to a server reflector, which perhaps lives on the firewall. The client and server talk to each other, the client is authenticated, and the session key is agreed upon. Then the server reflector connects to the server process (say, smtpd, probably on some machine inside the company's net), and an encrypted session is obtained.

This doesn't protect against the machine's memory being watched or anything like that, but it does provide a good amount of security for packets over the Internet, just like the end-to-end type of encryption software described in Applied Cryptography.

Now, this is my first code with any real encryption in it, and I'm trying to tackle key negotiation protocols and so on, while at the same time utilizing RSA, IDEA and MD5. In my research, I found that a number of firewall vendors have such a system available, either implemented in hardware or software.

What I want to know is: Is there any code like this available somewhere on the net that does this stuff? I would hate to have to reinvent the wheel if I don't have to, given my limited amount of spare time.

> As a side project, to support remote mail and news pickup through the Internet to my company's servers (through a firewall), I've been slowly writing an end-to-end encryption program. Essentially, the idea

Sounds like something that could be directly done with ssh [http://www.cs.hut.fi/ssh] using TCP/IP forwarding.

I've myself used it to encrypt the connection to the smtp port on a remote server. I configured sendmail to use "localhost" as the major relay host, disabled the sendmail daemon, and ran sendmail from cron to process the queue every now and then. Incoming mail was fetched via ssh from a remote file server using a couple of small scripts.

Tatu
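
The forwarding setup described in the message above, sketched as a client configuration. This is an added example, not part of the original message or of the ssh distribution of the time; it assumes a current OpenSSH client, and the host names, user name, key file and local port 2525 are placeholders.

```sshconfig
# Added example: ~/.ssh/config entry for an SMTP-over-ssh tunnel.
# gateway.example.com, mailhub.internal, "tunnel" and port 2525 are
# placeholders, not values from the thread.
Host mail-tunnel
    HostName gateway.example.com
    User tunnel

    # Listen on loopback only, so other hosts on the LAN cannot use the
    # forward, and carry the connection to the internal SMTP port inside
    # the encrypted ssh session.
    LocalForward 127.0.0.1:2525 mailhub.internal:25

    # Exit if the forward cannot be set up, rather than leaving a
    # session open that the mailer cannot use.
    ExitOnForwardFailure yes

    # Refuse to connect to a gateway whose host key is unknown or has
    # changed; the key must already be in known_hosts.
    StrictHostKeyChecking yes

    # Offer only the dedicated tunnel key, not every key in the agent.
    IdentityFile ~/.ssh/id_ed25519_mailtunnel
    IdentitiesOnly yes

    # The tunnel needs no terminal on the gateway.
    RequestTTY no

    # Notice a dead connection within roughly 90 seconds so a supervisor
    # or cron job can restart the tunnel.
    ServerAliveInterval 30
    ServerAliveCountMax 3
```

Start it with `ssh -N mail-tunnel` and point the local mailer's relay host at 127.0.0.1 port 2525. On the gateway, the matching `authorized_keys` entry can be limited to this one forward with the `restrict,port-forwarding,permitopen="mailhub.internal:25"` options.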

On Mon, 12 Feb 1996, Steve Willer wrote:
> As a side project, to support remote mail and news pickup through the Internet to my company's servers (through a firewall), I've been slowly writing an end-to-end encryption program. Essentially, the idea

Why reinvent the wheel? Lots of end-to-end stuff out there - I use ssh, myself...

--
Ed Carp, N7EKG Ed.Carp@linux.org, ecarp@netcom.com
214/993-3935 voicemail/digital pager
800/558-3408 SkyPager
Finger ecarp@netcom.com for PGP 2.5 public key an88744@anon.penet.fi

"Past the wounds of childhood, past the fallen dreams and the broken families, through the hurt and the loss and the agony only the night ever hears, is a waiting soul. Patient, permanent, abundant, it opens its infinite heart and asks only one thing of you ... 'Remember who it is you really are.'"
-- "Losing Your Mind", Karen Alexander and Rick Boyes

The mark of a good conspiracy theory is its untestability. -- Andrew Spring

>> Why reinvent the wheel? Lots of end-to-end stuff out there - I use ssh, myself...
> Okay...well...here's another problem. You see, most of the clients are going to be Windows people. I can't use a Unix-only solution.

There is already a windows version of ssh, though it is not very stable. I am myself working on an "official" Windows version, and it should be available after a few weeks.

Tatu

On Mon, 12 Feb 1996 09:46:29 +0000, you wrote:
> On Mon, 12 Feb 1996, Steve Willer wrote:
>> As a side project, to support remote mail and news pickup through the Internet to my company's servers (through a firewall), I've been slowly writing an end-to-end encryption program. Essentially, the idea
> Why reinvent the wheel? Lots of end-to-end stuff out there - I use ssh, myself...

Okay...well...here's another problem. You see, most of the clients are going to be Windows people. I can't use a Unix-only solution.

On Mon, 12 Feb 1996, Steve Willer wrote:
> On Mon, 12 Feb 1996 09:46:29 +0000, you wrote:
>> On Mon, 12 Feb 1996, Steve Willer wrote:
>>> As a side project, to support remote mail and news pickup through the Internet to my company's servers (through a firewall), I've been slowly writing an end-to-end encryption program. Essentially, the idea
>> Why reinvent the wheel? Lots of end-to-end stuff out there - I use ssh, myself...
> Okay...well...here's another problem. You see, most of the clients are going to be Windows people. I can't use a Unix-only solution.
There exists at least one ssh Windows client.

--
Ed Carp, N7EKG

participants (3)
- Ed Carp
- Tatu Ylonen
- willer@carolian.com