From: rah@shipwright.com
X-Sender: rah@tiac.net
Mime-Version: 1.0
Date: Sat, 6 May 1995 15:25:12 -0500
To: www-buyinfo@allegra.att.com
Original-From: rah@shipwright.com (Robert Hettinga)
Subject: `Simple Key Mgmt for IP': Internet Commerce Group Announces SKIP
Status:

To: cypherpunks@toad.com, gnu@toad.com
Subject: `Simple Key Mgmt for IP': Internet Commerce Group Announces SKIP
Date: Sat, 06 May 95 03:40:09 -0700
From: gnu@toad.com
Sender: owner-cypherpunks@toad.com
Precedence: bulk

The protocol specs and a Solaris 2.4 kernel plugin are available now, and source code for noncommercial use is promised `soon'. There seemed to be a lot of handwaving in the spec about the certificate access protocol, but it works with and improves on today's IPSEC manual key exchange. The binary only does RC2/RC4 for some reason, but the protocol should work with triple-DES and other likely strong ciphers. The certs are RSA/PKCS/PEM/X.500 hierarchy based. The spec acknowledges Whit Diffie and Phil Karn for contributions, among others.

Looks like interesting motion in IP-level security.

John

==============================================================================
SunFlash 77.02    Internet Commerce Group Announces SKIP    May 1995
John J. McLaughlin, Editor/Publisher    flash@flashback.com
==============================================================================

The Internet Commerce Group, a new group located within SunLabs whose charter it is to develop solutions for performing business transactions on the Internet and other public networks, has recently announced that their SKIP protocol binary will now be freely available from http://skip.incog.com.

------------------------------------------------------------------------------

SKIP which stands for 'Simple Key Management for IP' is a privacy and authentication scheme that has been designed for use with sessionless datagram protocols like IP and IPv6. Developed by Ashar Aziz of Sun Microsystems, Inc.
SKIP has been proposed to the Internet Engineering Task Force (IETF) as a standard.

SKIP is a public key certificate-based key-management scheme which provides group key-management for Internet multicasting protocols. Designed to be application independent, SKIP can be plugged into the IP Security Protocol (IPSP) or IPv6. Using certified Diffie/Hellman keys, SKIP obviates the need for pseudo session state establishment and for prior communications between two participating ends in order to acquire and change traffic keys.

The SKIP scheme has the scalability of an underlying public-key certificate based infrastructure. Yet it has the efficiencies of a shared key scheme because key-changing can be done using shared key operations, and in-band signalled keys incur the length overhead of the block-size of a shared key cipher.

SKIP Features:
+++++++++++++++

o Automated certificate exchange.
o Multi-threaded kernel implementation for parallel bulk data encryption/decryption on a multi-processor.
o Dynamic loading into Solaris kernel.
o Transparent management of IP fragmentation/reassembly issues.
o Configurable key-encryption and traffic encryption algorithms (currently DES and RC2 for key encryption and DES-CBC, RC2-CBC and RC4 for traffic encryption).
o GUI admin tool for configuring algorithm and key-mgmt policies.

(c) 1995 Sun Microsystems, Inc. You may redistribute this article as long as you keep this notice with the article.

Press announcements and other information about Sun Microsystems are available on the Internet via the World Wide Web. URL http://www.sun.com

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
SunFlash - A Full-Text On Demand Newsletter for Users of Sun Computers

John J. McLaughlin - Publisher & Editor - flash@FlashBack.COM
Tim Wells - Associate Editor - tim@FlashBack.COM
Mark Wood - Distribution Manager - flashadm@FlashBack.COM

Subscriptions to majordomo@FlashBack.COM
Article Requests to flashback@FlashBack.COM
Article Submissions to flash@FlashBack.COM

For a general introduction send email to flashback@FlashBack.COM with 9001 in the Subject line.
For the December 1994 contents make the Subject line: 72.00 1146
For the January 1995 contents make the Subject line: 73.00 1176
For the February 1995 contents make the Subject line: 74.00
For the March 1995 contents make the Subject line: 75.00 1221
For the April 1995 contents make the Subject line: 76.00 1262
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

-----------------
Robert Hettinga (rah@shipwright.com)
Shipwright Development Corporation
44 Farquhar Street
Boston, MA 02131 USA
(617) 323-7923

"There is no difference between someone who eats too little and sees Heaven and someone who drinks too much and sees snakes." -- Bertrand Russell

>>>Phree Phil: Email: zldf@clark.net http://www.netresponse.com/zldf <<<<<
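The key-management idea in the announcement (a pairwise key computed from certified Diffie/Hellman values with no prior exchange, and a per-datagram traffic key carried in-band at a cost of one cipher block), sketched as an added example that is not part of the original message and is not Sun's code or the SKIP wire format. Assumptions: the 127-bit prime, the HMAC-based Feistel and keystream stand-ins for the DES/RC2/RC4 ciphers the article lists, and all function names are constructed for illustration.

```python
import hashlib, hmac, secrets

# Constructed toy parameters: a 127-bit prime keeps the block short; far too small for real use.
P, G = 2**127 - 1, 3
BLOCK = 8  # bytes; block size of the key-encryption cipher (DES and RC2 both use 8)

def keypair():
    """Long-term DH pair; the public half is what a certificate would carry."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def master_key(my_priv, peer_pub):
    """Pairwise key from my secret and the peer's certified value; no messages exchanged."""
    return hashlib.sha256(pow(peer_pub, my_priv, P).to_bytes(16, "big")).digest()

def _prf(key, data, n):
    return hmac.new(key, data, hashlib.sha256).digest()[:n]

def _feistel(key, block, rounds):
    """Stand-in 64-bit block cipher (4-round Feistel over HMAC), replacing DES/RC2 here."""
    left, right = block[:4], block[4:]
    for r in rounds:
        left, right = right, bytes(a ^ b for a, b in zip(left, _prf(key, bytes([r]) + right, 4)))
    return right + left  # final swap: decryption is the same walk with rounds reversed

def _stream(key, data):
    """Stand-in traffic cipher: XOR with an HMAC-counter keystream."""
    pad = b"".join(_prf(key, i.to_bytes(4, "big"), 32) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))

def seal(master, payload):
    """Sender: fresh traffic key per datagram, sent in-band encrypted under the master key."""
    kp = secrets.token_bytes(BLOCK)
    return _feistel(master, kp, range(4)) + _stream(kp, payload)

def open_(master, datagram):
    """Receiver: recover the traffic key from the first block, then the payload; no session state."""
    kp = _feistel(master, datagram[:BLOCK], range(3, -1, -1))
    return _stream(kp, datagram[BLOCK:])

def demo():
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    k_ab, k_ba = master_key(a_priv, b_pub), master_key(b_priv, a_pub)
    d1, d2 = seal(k_ab, b"datagram one"), seal(k_ab, b"datagram two")
    # Opened out of order on purpose: each datagram carries everything needed to decrypt it.
    return k_ab == k_ba, open_(k_ba, d2), open_(k_ba, d1), len(d1) - len(b"datagram one")

if __name__ == "__main__":
    print(demo())
```

The sketch covers confidentiality and key change only; it does not model certificate validation or datagram authentication.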