
Network Layer Encryption History and Prior Art



 
 
Phil, 
 
Approaches for network layer encryption have been openly published before the 
work in the IETF. 
 
<Phil> ... in reference to the UUNET patent on network encryption 
>All the basic concepts of IP Security (especially  
>including what we now call "tunnel mode") have been  
>widely and publicly known since at least the original 
>"lunch BOF" that I called at the San Diego IETF 
>meeting way back in 1992. 
 
The research and development of "Network Security" started in the late 70's at 
BBN with the development of the "IPLI".  Classified research and development 
continued in this area on the Blacker (Unisys) and Caneware (Motorola) 
programs in the early 80's.  The NSA-sponsored Secure Data Network System 
(SDNS) project brought together a variety of vendors that created the early 
SP3, KMP and MSP specifications.  SP3 provided network layer security services 
that included a tunneling mode.  SP3 is very similar to the IPsec working 
group ESP specification.  The Key Management Protocol (KMP) is similar to the 
ISAKMP specification in concept, but used ASN.1 for specifying the protocol 
formats.  Much of the SDNS work was openly published starting in about 1988.  
The Motorola Network Encryption System (NES) is an SDNS device and was 
designed in the mid to late 80's. 
 
The SDNS specification for SP3 was submitted to the ANSI and ISO standards 
committees and mutated into the Network Layer Security Protocol (NLSP).  NLSP 
included a network layer key establishment protocol that served as a starting 
point for some of the current IPsec key management proposals.   
 
An important early paper on network security was written by Dave Golber 
(Unisys at the time) on the "Dual versus Single Catenet Security Model" (about 
1983).  There are a variety of SP3 security papers written in 1988 and 1989.  
 
So, there is a lot of prior art for network encryption.  Most of the major 
wrinkles in the technology were worked out in the late 80's by projects 
sponsored by the NSA and openly published to help create "good" security 
standards. 
 
Paul 
 
 
 
-------------------------------------------------------------- 
Paul Lambert                     Director of Security Products 
Oracle Corporation                       Phone: (415) 506-0370 
500 Oracle Parkway, Box 659410             Fax: (415) 413-2963 
Redwood Shores, CA  94065               palamber@us.oracle.com 
-------------------------------------------------------------- 
  


-- BEGIN included message


>Filed:		Sep. 13, 1994
>Filed:		Jan. 19, 1994

All the basic concepts of IP Security (especially including what we
now call "tunnel mode") have been widely and publicly known since at
least the original "lunch BOF" that I called at the San Diego IETF
meeting way back in 1992.  So the validity of these patents is not
only seriously in doubt, but there is also the interesting question of
fraud against the PTO for not disclosing all known relevant prior art.

Phil


-- END included message

