swipe working on infinity.c2.org

Perry E. Metzger perry at imsi.com
Fri Jun 17 08:38:13 PDT 1994



Jef Poskanzer says:
> When I talked to Phil Karn months ago about IP encryption, he was
> talking about encrypting each packet independently - I guess you have
> to do that with IP since it's not a reliable protocol.

Well, you largely have to. In fact, swIPe doesn't necessarily require
that. swIPe in fact requires very little. :-)

> Maybe you could post a quick summary of the encryption mode used?

There isn't one per se -- at least in the sense that none is
standardized since that would be inappropriate. The kind of encryption
gets negotiated in a protocol at another level. swIPe just defines
packet formats, really.  If you want details, you ought to look at the
internet draft (on the disk, or available from
ftp://research.att.com/dist/mab), the paper (also on the disk and at
research) and the code.

I believe that the prototype on the disk is just using DES in CBC mode
for the moment, but other modes/cyphers have hooks defined for them.
Ports to new platforms, new cyphers, and new functionality are very
welcome, btw.

Perry






More information about the cypherpunks-legacy mailing list