7. Odds and ends

Ideas and code for this project came from various parts of the Linux 2.0.12 kernel, most notably the ipip protocol, the new_tunnel driver, and the udp protocol.
NOTE: This software contains a data encryption facility. Use of it is restricted by law in some countries including France and Russia. In the United States of America it is not allowed to export such systems without special permission. The IDEA algorithm included herein is patented and subject to licensing conditions at least in parts of Europe and America (see http://www.ascom.ch/systec).
A note on the Blowfish algorithm: For historical reasons (a bug in the original i386 assembler implementation), CIPE uses a variant of the Blowfish algorithm where the plaintext and ciphertext data words are interpreted as little-endian. This means it is Blowfish with an added initial and final permutation. This does not affect the cryptographic properties of the algorithm.
A Windows port of the CIPE protocol is being developed. It is found at http://cipe-win32.sourceforge.net.
To Do list for future development:
- Profiling and optimization for speed. Check C implementation of IDEA for possible optimization.
- Make IDEA run in constant time to harden against timing attack? This would impose a serious performance penalty. It is at least possible in C and i486 and higher; probably not for the i386. The Blowfish algorithm always runs in constant time (at least the assembler implementation).
- Test various combinations of crypto algorithm and implementation selected.
- Implement all of the attack protections outlined in the protocol chapter. (Keeping log of recent keys and timestamping is implemented.)
- Implement dummy packet generation.
There is a mailing list for CIPE users and development. To subscribe, send mail to majordomo@inka.de containing the line
subscribe cipe-l
in the message body. Please subscribe before posting to the list.
The Encryption HOWTO covers various methods on disk and network encryption. See http://EncryptionHOWTO.sourceforge.net/.

[ << ]

[ >> ]

[Top]

[Contents]

[Index]

[ ? ]

This document was generated by Olaf Titz on August, 4 2004 using texi2html