[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Network Layer Encryption History and Prior Art

To: ipsec@TIS.COM
Subject: Re: Network Layer Encryption History and Prior Art
From: Howard Weiss <hsw@columbia.sparta.com>
Date: Wed, 19 Jun 1996 09:13:31 -0400 (EDT)
Fax: (410) 381-5559
In-Reply-To: <9606190224.AA07109@dcl.MIT.EDU> from "Theodore Y. Ts'o" at Jun 18, 96 10:24:18 pm
Organization: SPARTA Inc. (Secure Systems Engineering Division)
Phone: (410) 381-9400 x201
Sender: ipsec-approval@neptune.tis.com
Usmail: 9861 Broken Land Parkway, Suite 300, Columbia MD 21046

> 
>    Date: 18 Jun 96 18:11:26 -0700
>    From: "PALAMBER.US.ORACLE.COM" <PALAMBER@us.oracle.com>
> 
>    The research and development of "Network Security" started in the
>    late 70's at BBN with the development of the "IPLI".  Classified
>    research and development continued in this area on the Blacker
>    (Unisys) and Caneware (Motorola) programs in the early 80's.  The NSA
>    sponsored Secure Data Network System (SDNS) project brought together
>    a variety of vendors that created the early SP3, KMP and MSP
>    specifications.  SP3 provided network layer security services that
>    included a tunneling mode.  SP3 is very similar to the IPsec working
>    group ESP specification.  The Key Management Protocol (KMP) is
>    similar to the ISAKMP specification in concept, but used ASN.1 for
>    specifying the protocol formats.  Much of the SDNS work was openly
>    published starting in about 1988.  The Motorola Network Encryption
>    System (NES) is an SDNS device and was designed in the mid to late
>    80's.
> 

Actually, the PLI (Private Line Interface) was developed by BBN in the
early '70s.  The IPLI was to be its "modern" successor.  It consisted
of a classified-side (red) processor, a KG-30 encryption box, and an
unclassified-side (black) processor.  It was evaluated and certified
by NSA around late-1975 or early-1976.  Its function was to allow
classified traffic to flow, encrypted, over the ARPAnet.  This meant,
at the time, that ARPAnet NCP headers remained in the clear while the
data payload was encrypted.  COINS (Consolidated On-line Intelligence
Network) used the PLI to connect a distant node via the ARPAnet in
order to save the line charges for the then, very expensive 50KB
lines.

Howie Weiss

 ________________________________________________________________________
|                                                                        |
|  Howard Weiss                            phone (410) 381-9400 x201     |
|  SPARTA, Inc.                                  (301) 621-8145 x201 (DC)|
|  9861 Broken Land Parkway, suite 300     fax:  (410) 381-5559          |
|  Columbia, MD 21046                      email: hsw@columbia.sparta.com|
|________________________________________________________________________|

References:

Re: Network Layer Encryption History and Prior Art

From: "Theodore Y. Ts'o" <tytso@mit.edu>

Prev by Date: Re: ISAKMP null transforms
Next by Date: Re: UUNET Network Encryption Patents
Prev by thread: Re: Network Layer Encryption History and Prior Art
Next by thread: Re: Network Layer Encryption History and Prior Art
Index(es):
- Main
- Thread