SKIP - Simple Key management for Internet Protocols


SKIP, which provides IP-level cryptography, much like SSH, is available for Linux. A quick overview from http://www.skip.org states:

SKIP secures the network at the IP packet level. Any networked application gains the benefits of encryption, without requiring modification. SKIP is unique in that an Internet host can send an encrypted packet to another host without requiring a prior message exchange to set up a secure channel. SKIP is particularly well-suited to IP networks, as both are stateless protocols. Some of the advantages of SKIP include:
  • No connection setup overhead

  • High availability - encryption gateways that fail can reboot and resume decrypting packets instantly, without having to renegotiate (potentially thousands) of existing connections

  • Allows uni-directional IP (for example, IP broadcast via satellite or cable)

  • Scalable multicast key distribution

  • SKIP gateways can be configured in parallel to perform instant-failover

A wealth of information is available at http://www.skip.org, and the Linux implementation itself is available at http://www.tik.ee.ethz.ch/~skip/
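
The stateless property in the overview quoted above (an encrypted packet with no prior exchange, and a gateway that resumes decrypting after a reboot) follows from deriving the key from long-term Diffie-Hellman values and carrying the wrapped packet key inside each packet. The sketch below is an added example, not code from skip.org or the Linux implementation; the toy group, the HMAC-based stand-in cipher, the packet layout and every function name are assumptions made for illustration.

```python
# Added illustration of SKIP-style zero-message keying; simplified, not the real wire format.
import hashlib, hmac, secrets

P = 2**521 - 1  # toy prime modulus (constructed for this demo, not a vetted DH group)
G = 3           # toy base (assumption)

def _h(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def keypair():
    """Long-term DH secret plus the public value peers obtain out of band (e.g. a certificate)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def master_key(my_secret, peer_public, n):
    """Kijn: key derived from the implicit shared secret g^ij and a counter n."""
    shared = pow(peer_public, my_secret, P).to_bytes(66, "big")
    return _h(hashlib.sha256(shared).digest(), n.to_bytes(4, "big"))

def _stream(key, nonce, data):
    """Stand-in stream cipher (HMAC-SHA256 in counter mode) so the demo stays stdlib-only."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = _h(key, nonce + off.to_bytes(4, "big"))
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(my_secret, peer_public, n, payload):
    """One self-describing packet: counter | nonce | wrapped packet key | ciphertext | MAC."""
    kijn = master_key(my_secret, peer_public, n)
    kp, nonce = secrets.token_bytes(32), secrets.token_bytes(8)  # fresh per-packet key
    enc_key, mac_key = _h(kp, b"enc"), _h(kp, b"mac")
    body = n.to_bytes(4, "big") + nonce + _stream(kijn, nonce, kp)
    body += _stream(enc_key, nonce, payload)
    return body + _h(mac_key, body)

def open_packet(my_secret, peer_public, packet):
    """Decrypt from the long-term secret and the packet alone; no session state is consulted."""
    if len(packet) < 76:
        raise ValueError("truncated packet")
    body, tag = packet[:-32], packet[-32:]
    n, nonce, wrapped = int.from_bytes(body[:4], "big"), body[4:12], body[12:44]
    kp = _stream(master_key(my_secret, peer_public, n), nonce, wrapped)
    if not hmac.compare_digest(tag, _h(_h(kp, b"mac"), body)):
        raise ValueError("authentication failed")
    return _stream(_h(kp, b"enc"), nonce, body[44:])
```

Because `open_packet` needs only the receiver's long-term secret and the sender's public value, a gateway that restarts can decrypt the next packet it sees without renegotiating anything.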


