bert hubert <firstname.lastname@example.org>
THIS PROJECT HAS BEEN DEPRECATED - REAL IPSEC here
Simple Packet Signing for Linux
SPS allows you to sign and encrypt your IP traffic with minimal
configuration. This implementation strives for security, simplicity and
robustness. SPS itself adds 'portability' to that goal.
The Linux version is completely modular and requires no patches to either
iptables or the kernel. It should work on all 2.4 kernels!
We currently plan to release implementations for:
We welcome other implementations, please drop us a line if you are
considering joining in!
Why Simple Packet Signing
Simplicity, simplicity, simplicity. Our goal is a secure internet. We can
achieve that with secure protocols, but we must also make sure that those
protocols are then used! The full Linux configuration for signed &
authenticated packets between networks A and B:
A:~# iptables -t mangle -A OUTPUT -d B -j SIGN --sign-with-secret=s3cr3t
B:~# iptables -t mangle -A PREROUTING -m verify --verify-secret=s3cr3t -j UNSIGN
.. And vice-versa.
Our motto is 'Simple things should be easy, hard things should be possible'.
If you want to sign with full public/private semantics, it will be possible.
Using extra iptables commands, you can give or withhold fine-grained access
to your network.
One extra boon of this is that it will work over dynamic IP addresses - from
now on you can easily trust your laptop's packets, wherever they come from.
Motivation & PLAN
The current, very rough PLAN is here. We are *very* open to further
discussion, which takes place on the netfilter-devel list. See the Netfilter page for information on
how to subscribe. The PLAN also explains why this is not ipsec, why this is not a tunnel
and why plain ssh does not cut it.
Lots of thinking going on. Encryption turns out, like signing, to be harder
than I thought. SPS has been a real learning experience so far! I think we
will be using 'Cipher Block Chaining' mode, CBC, with a random but specified
IV. A lot of people have been telling me that 'encryption is easy, use
OpenSSL'. Sorry, no, encryption is *never* easy. Even with a quality
library. In the words of Zedz's Alex de Joode, 'Cryptography is easy (...) to
Besides crypto, NAT has also been an issue. It is vital that SPS signs only
*after* performing NAT, or is otherwise aware of the ultimate source
address. It is not yet clear how this fits in with iptables. Brad Chapman
has patches which might help - we're still pondering.
YES! It functions! Some renaming needs to be done and a lot of cleaning up,
but the syntax described above WORKS! Replace UNSIGN by STRIPSPS and it will
2001-08-28: I'm looking for ipsec minded people
who can tell me if it is easy to implement the simplicity mentioned above
using AH - it would be great to get into a best of both worlds situation
where we have the non-intrusiveness of the current SPS Linux code while
following a standard, too.
2001-08-26: Added some relevant links
and a Thanks To section. Decided to concentrate on symmetric
encryption/signing first, asymmetric is very slow. Algorithms will probably
be SHA-1 HMAC (RFC 2104) and Blowfish. Asymmetric needs more
2001-08-26: Added SPEC file,
outlining some ideas about the protocol
The most up-to-date version is in CVS.
You can encapsulate packets, and sign them with a secret. No public key yet.
Also no support for multiple algorithms. Only SHA-1 HMAC according to RFC 2104.
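An added illustration, not SPS's own code (the real on-the-wire format is not described on this page): it computes the RFC 2104 SHA-1 HMAC over a constructed IPv4 packet using the shared secret from the iptables rules above, and shows why the NAT ordering discussed earlier matters, since a source address rewritten after signing fails verification. Which header fields are zeroed as mutable, the packet builder and the SNAT emulation are all assumptions made for this example.

```python
import hashlib
import hmac
import ipaddress
import struct

SECRET = b"s3cr3t"  # shared secret used in the iptables rules on this page


def build_ipv4_packet(src, dst, proto, payload, ttl=64):
    """Minimal 20-byte IPv4 header (no options) + payload; checksum left zero (constructed)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload


def _immutable_view(packet):
    """Zero the fields routers legitimately rewrite in flight (TTL, header checksum).
    Addresses stay covered, so any NAT applied after signing breaks the tag (assumed design)."""
    hdr = bytearray(packet[:20])
    hdr[8] = 0                 # TTL is decremented by every hop
    hdr[10:12] = b"\x00\x00"   # header checksum changes whenever TTL does
    return bytes(hdr) + packet[20:]


def sign_packet(packet, secret):
    """SHA-1 HMAC (RFC 2104) over the immutable view; returns the 20-byte tag."""
    return hmac.new(secret, _immutable_view(packet), hashlib.sha1).digest()


def verify_packet(packet, tag, secret):
    """Constant-time comparison so tag checking does not leak timing information."""
    return hmac.compare_digest(sign_packet(packet, secret), tag)


def snat(packet, new_src):
    """Emulate source NAT: rewrite the source address (header bytes 12..16)."""
    return packet[:12] + ipaddress.IPv4Address(new_src).packed + packet[16:]


def demo():
    pkt = build_ipv4_packet("10.0.0.5", "192.0.2.10", 17, b"hello B")  # constructed
    tag = sign_packet(pkt, SECRET)
    return {
        "valid": verify_packet(pkt, tag, SECRET),
        # TTL decremented by a router: still verifies, TTL is excluded from the HMAC
        "ttl_decremented": verify_packet(
            build_ipv4_packet("10.0.0.5", "192.0.2.10", 17, b"hello B", ttl=63), tag, SECRET),
        # source NAT applied after signing: fails, the address is part of the signed data
        "nat_after_sign": verify_packet(snat(pkt, "203.0.113.1"), tag, SECRET),
        "wrong_secret": verify_packet(pkt, tag, b"other"),
        "tampered_payload": verify_packet(pkt[:-1] + b"!", tag, SECRET),
    }
```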
Conclusions so far:
- iptables/netfilter lends itself to this approach
- Fragmentation is not a major problem
- Packets with strange IP protocol travel the internet well
More in the TODO file.
Links to relevant pages and projects
- Host Identity Payload and Protocol.
Does something like what we are proposing, and lots more.
- HMAC: Keyed-Hashing for Message Authentication
- SECURE HASH STANDARD (`SHA-1')
- Blowfish Encryption Algorithm
- Applied Cryptography
- Ethan Blanton
- John Levon
- Harald Welte
$Id: index.html,v 1.11 2001/09/09 13:43:16 ahu Exp $