INDEX
| Raweb 2003 / Project-Team : reso
|
HELP INDEX |
|
Key words: verifiable identifiers, verifiable addresses, end-in-end, IPsec, decentralized security.
The protocol sucvP has been implemented on FreeBSD, including the interfaces with the IPsec subsystem embedded within this operating system. The implementation uses the cryptographic functions of the OpenSSL library. INRIA holds intellectual property associated with the first version of this software, enforced by Agence Francaise de Protection des Programmes (APP). This software allows any IPv6 node which uses a cryptographic identifier as its IP address to prove to its interlocutors that it indeed `` owns '' its address. One can thus derive from this proof of ownership of IPv6 address a confidence allowing to secure the traffic exchanged by such nodes thanks to the use of IPsec in transport mode (Transport Mode Opportunistic IPsec). This software provides the foundation of an architecture of security built on top of a cryptographic identifiers ``infrastructure''. With the aim of showing the applicability of this infrastructure at the network level (e.g., IP), this software was also adapted to provide the Tunnel Mode Opportunistic IPsec service. This software has also been adapted to support Host Identity Protocol, a protocol currently discussed at the IETF which provides an equivalent service.
|
|
|