From: Charles Mott <cmott@srv.net>
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: Re: TCP Encryption, part 2
Date: Mon, 30 Sep 1996 22:45:38 -0600
Organization: SRVnet, Inc.
Message-ID: <Pine.BSF.3.91.960930215337.17906A-100000@darkstar>
References: <Pine.BSF.3.91.960929121424.16142A-100000@darkstar> <52nuf0$ghr@lastactionhero.rs.itd.umich.edu>
In-Reply-To: <52nuf0$ghr@lastactionhero.rs.itd.umich.edu>

On 30 Sep 1996, Dug Song wrote:

> > Why TCP-level encryption as opposed to IP?
>
> I ran the SKIP loadable kernel module on two of my FreeBSD boxes for a
> while without any problems.
>
> Go to http://skip.incog.com/ for public domain source and binaries.

I was a little off-base in my first response to Dug's posting. SKIP is a product developed by Sun Microsystems for administered security networks. It handles not only encryption but authentication so as to avoid "intruder in the middle" or "trojan horse" attacks. Some degree of administration is needed to handle key discovery and authentication. At least in its specification, it appears to be robust, so my earlier derisive comment was unwarranted.

What I am advocating is non-administered encryption for routine connections. TCP is the correct level for this, rather than IP, since key exchange can be handled in the initial SYN-ACK negotiation of a TCP connection. Keys should be randomly selected each time and even possibly changed within a single connection. This level of security prevents passive eavesdropping but does not guard against "man in the middle".

I know people are getting tired of these postings, so I am going to stop. If I do anything, I will put it in the user ppp tunnel interface to start out with, as I have already done with masquerading. That way, computers connected at different ppp sites can communicate with each other having some degree of privacy without going through administrative trivia.

I want to thank readers for their feedback, even if mostly argumentative and negative. It has focused my concentration, and I have learned a few things.

Charles Mott

P.S. The decision to put unusual networking code in user space rather than in the kernel brings to mind a colorful maxim used by Terry Lambert. I won't actually repeat it, though.
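The scheme the post sketches (a fresh, unadministered key agreed during the handshake, giving privacy against passive eavesdropping but no protection against an active "man in the middle") is easy to see in a small model. The following is an added example and is not code from Charles Mott, SKIP, or FreeBSD: it uses X25519 (RFC 7748, a curve that postdates the post) as the key-agreement primitive, implemented in pure Python so it runs offline, and the `Endpoint`, `handshake`, `handshake_with_active_relay` and `fingerprint` names and the `opp-tcp-v0` key label are assumptions of this example. The relay function reproduces the limitation the post itself concedes; the fingerprint comparison is the check an implementer would need on some authenticated path to notice it.

```python
import hashlib
import os

# Curve25519 field prime and ladder constant (RFC 7748, section 5)
P = 2**255 - 19
A24 = 121665
BASEPOINT = (9).to_bytes(32, "little")


def _decode_scalar(k: bytes) -> int:
    """Clamp a 32-byte private scalar as RFC 7748 requires."""
    k = bytearray(k)
    k[0] &= 248
    k[31] &= 127
    k[31] |= 64
    return int.from_bytes(k, "little")


def _decode_u(u: bytes) -> int:
    """Decode a little-endian u-coordinate, masking the unused top bit."""
    u = bytearray(u)
    u[31] &= 127
    return int.from_bytes(u, "little") % P


def x25519(k: bytes, u: bytes) -> bytes:
    """Scalar multiplication on the Montgomery curve (RFC 7748 ladder)."""
    k_int, x1 = _decode_scalar(k), _decode_u(u)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k_int >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


class Endpoint:
    """One end of a connection (hypothetical model). A fresh key pair is
    drawn per connection, matching the post's 'randomly selected each time'."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.priv = os.urandom(32)
        self.pub = x25519(self.priv, BASEPOINT)  # sent in SYN or SYN-ACK

    def derive(self, peer_pub: bytes) -> bytes:
        """Session key from the shared point plus both public values, so the
        key is bound to exactly what this side saw on the wire."""
        shared = x25519(self.priv, peer_pub)
        transcript = min(self.pub, peer_pub) + max(self.pub, peer_pub)
        return hashlib.sha256(b"opp-tcp-v0|" + shared + transcript).digest()


def fingerprint(key: bytes) -> str:
    """Short value the two ends could compare over some authenticated path;
    it is the only thing in this model that exposes an active substitution."""
    return hashlib.sha256(b"fp|" + key).hexdigest()[:12]


def fingerprints_match(k1: bytes, k2: bytes) -> bool:
    return fingerprint(k1) == fingerprint(k2)


def handshake(client: Endpoint, server: Endpoint) -> tuple:
    """Model of the exchange: client pub rides in the SYN, server pub in the
    SYN-ACK. A passive observer sees only the two public values, which do
    not yield the private scalars, so it cannot compute the session key."""
    return client.derive(server.pub), server.derive(client.pub)


def handshake_with_active_relay(client, server, relay_c, relay_s) -> tuple:
    """The same exchange when an active party terminates both halves. Each
    side completes a perfectly valid handshake, but with the relay, so the
    two real ends hold different keys and nothing in-band reveals it."""
    k_client, _ = handshake(client, relay_c)
    _, k_server = handshake(relay_s, server)
    return k_client, k_server


if __name__ == "__main__":
    a, b = Endpoint("client"), Endpoint("server")
    print("direct keys agree:", fingerprints_match(*handshake(a, b)))
    r = Endpoint("relay-c"), Endpoint("relay-s")
    print("relayed keys agree:",
          fingerprints_match(*handshake_with_active_relay(a, b, *r)))
```

Running it prints `True` for the direct exchange and `False` for the relayed one. The design point is the second line: because neither public value is tied to an identity, the endpoints cannot tell the relayed case from the direct one unless the fingerprints are compared out of band, which is exactly the "administrative trivia" the post wants to avoid and the reason it claims only protection against passive eavesdropping.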