S/WAN swims along
Secure Wide Area Networking consortium
While vendors are gearing up to offer Secure Wide Area Networking (S/WAN) products this summer, it certainly hasn't been an easy road. We examine secure networking issues and the brouhaha surrounding its competition, the IP Security (IPSEC) standard. Plus a sidebar on symmetric and public key encryption. (2,100 words)
Hoping to beat the IP Security (IPSEC) standard to the punch, a consortium of companies is spearheading an effort to develop a standard, called S/WAN, for secure wide area networking. IPSEC is still under negotiation within the Internet Engineering Task Force (IETF), while nearly a dozen vendors and government organizations have demonstrated Secure Wide Area Network (S/WAN) products and technologies in a recent test over the Internet. The first set of S/WAN products is scheduled to ship this summer -- long before IPSEC products will appear.
S/WAN will be more than just a firewall technology. Because it works at the IP layer, it can be built into almost any software that communicates over the Internet, whether over TCP or UDP. For example, TimeStep Corp. announced a partnership with RSA Data Security last January to create a S/WAN toolkit that will enable any developer to create applications that communicate securely with existing S/WAN firewalls or servers.
Maj Raddalgoda, director of product marketing at TimeStep said, "the beauty of security at the IP layer is that it is transparent to all applications. You don't need to modify your applications like with SSL or S-HTTP."
As firewall and other security products have become more sophisticated, vendors have created add-on software to support secure virtual private networking over LANs, WANs, and the Internet, often built directly into the firewall itself. In a secure virtual private network, all traffic between nodes is encrypted and authenticated, so it cannot be read in transit or tampered with undetected. Until now, however, the secure networking technology of different vendors has not interoperated.
Secure networking issues
There are three key issues involved in creating scalable open secure networks that will be addressed by IPSEC and S/WAN. First, there must be a standard way of authenticating the header of the packet. Second, a baseline encryption algorithm is required that can be understood by everyone. Third, there needs to be some automated way of exchanging encryption keys between different computers.
S/WAN is designed to support all of the major features that are likely to be implemented in IPSEC. This way, companies that have created S/WAN networks will be able to upgrade them to support IPSEC once it becomes available.
The IETF has agreed on RFC 1826, the IP Authentication Header (AH), for header authentication and on RFC 1827, the IP Encapsulating Security Payload (ESP), for encrypting packet contents. However, it has not yet settled on a key management standard and has not initiated any sort of compliance testing of IPSEC implementations between vendors.
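As an added illustration of what the first of those three issues, authenticating the packet header, means in practice (this is example code written for this page, not code from the article or from any S/WAN vendor): the sender computes a keyed integrity check value over the header fields a router must not change, and fields that legitimately change in transit (TTL, header checksum) are treated as zero. RFC 1826-era implementations used keyed MD5 for this; HMAC-SHA256 is used here as an illustrative substitute. The key, addresses, and payload are constructed for the demo.

```python
import hashlib
import hmac
import socket
import struct

# AH is IP protocol 51.  The header below carries no options, so IHL = 5.
AH_PROTO = 51


def build_ipv4_header(src, dst, ttl=64, payload_len=24, ident=1):
    """Minimal 20-byte IPv4 header.  The header checksum is left at zero:
    the sending stack fills it in, and AH excludes it from the check anyway."""
    ver_ihl = (4 << 4) | 5
    flags_frag = 0x4000                      # DF set, fragment offset 0
    return struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, 20 + payload_len, ident,
                       flags_frag, ttl, AH_PROTO, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))


def zero_mutable_fields(header):
    """AH rule: fields that routers legitimately rewrite (TTL, header
    checksum) are treated as zero when computing or checking the ICV."""
    h = bytearray(header)
    h[8] = 0                 # TTL
    h[10:12] = b"\x00\x00"   # header checksum
    return bytes(h)


def ah_icv(key, header, payload):
    """Integrity check value over the invariant header fields plus payload.
    A real AH would also cover its own SPI and sequence fields."""
    msg = zero_mutable_fields(header) + payload
    return hmac.new(key, msg, hashlib.sha256).digest()


def ah_verify(key, header, payload, icv):
    """Receiver-side check; constant-time compare avoids timing leaks."""
    return hmac.compare_digest(ah_icv(key, header, payload), icv)


def router_hop(header):
    """What every router legitimately does to the packet: decrement TTL."""
    h = bytearray(header)
    h[8] -= 1
    return bytes(h)


def rewrite_source(header, new_src):
    """What an attacker impersonating a trusted host would do."""
    h = bytearray(header)
    h[12:16] = socket.inet_aton(new_src)
    return bytes(h)


def demo():
    """Constructed packet and key; returns the verification result per case."""
    key = b"constructed-demo-key; real keys come from key management"
    payload = b"constructed payload bytes"
    hdr = build_ipv4_header("10.0.0.1", "10.0.0.2", payload_len=len(payload))
    icv = ah_icv(key, hdr, payload)           # computed by the sender
    return {
        "as_sent": ah_verify(key, hdr, payload, icv),
        "after_router_hop": ah_verify(key, router_hop(hdr), payload, icv),
        "spoofed_source": ah_verify(key, rewrite_source(hdr, "192.0.2.9"),
                                    payload, icv),
        "modified_payload": ah_verify(key, hdr, payload + b"!", icv),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:>18}: {'accepted' if ok else 'REJECTED'}")
```

The point of zeroing TTL and the checksum is the second line of the result: a packet that crossed a router still verifies, while a packet whose source address or payload was altered does not. Replacing the MAC with a standardised one and adding the AH header fields to the covered bytes is what separates this sketch from a conforming implementation.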
RSA has taken the initiative in convincing a group of companies to use the finished parts of the IPSEC standard to demonstrate interoperability between their products. S/WAN has already established RC5 as the baseline encryption algorithm for the standard. This has irked some in the IETF IPSEC group, who believe all of the IPSEC standards should be freely available, which is not the case with the patented RC5. In fact, since most of the original RSA patents are now nearing expiration, incorporating RC5 into the de facto secure virtual private network standard would give RSA a secure revenue stream long into the future.
One networking vendor who asked not be identified said, "the dirty secret of RSA is all of its technology goes to the public domain in about three or four years. RC5 is new technology so it is something RSA can run a business off of. RC5 is an attempt by RSA to make sure they have a patented lock on an algorithm."
Bill Lattin, vice-president at Cylink, believes it is important for all of the IETF IPSEC standards to be in the public domain. "What you will find coming out of the IETF are public domain implementations that will be completely open so people will not have to pay a royalty to implement them," he said. "Cylink is a proponent of the Diffie-Hellman technology, which will be in the public domain by the summer of next year. So by the time the IPSEC comes out, these will be in the public domain. To date, RSA's technology is not in the public domain. Although RSA Data Security would like you to believe S/WAN is an open standard, it still has a ways to go."
RSA sees the whole affair differently. Tim Mathews, a sales engineer at RSA Data Security said, "at first people thought we were trying to invent a new standard. What they realized was that number one, they needed to interoperate with everyone else. Equally important, they realized that with all of the options they could use, they needed a baseline. Part of the whole initiative is to come up with a test suite so they will be guaranteed to interoperate at some level."
"A lot of people at the IETF got upset by the S/WAN initiative because we were usurping their power. We do not want to be a standards body because we don't have the time, experience, or expertise, so we thought we would do what we could," Mathews said. "It is not complex stuff, but it is getting the process going and helping engineers understand the issue, and that is moving things along."
Since S/WAN has not yet established a key management protocol, it must be done manually in the current round of tests. A number of different proposals have been presented to the IETF. SKIP (Simple Key Management for IP) from Sun Microsystems is one approach. Another key management scheme is Photuris, which was developed by Madison Heights, MI-based consultant Bill Simpson.
Many in the IPSEC community have felt that Photuris is more secure than SKIP because it provides perfect forward secrecy. With SKIP, traffic keys are derived from a long-term Diffie-Hellman secret shared by the two parties. If a spy records all of your messages to one party over a period of time and later obtains either party's long-term private key, the spy can decipher every recorded message, including the earliest ones. With Photuris, each session's key comes from a fresh key exchange whose private values are discarded afterwards, so compromising a newer key does not reveal past messages.
The Internet Security Association and Key Management Protocol (ISAKMP) defines the procedures for authenticating a communicating peer, creating and managing security associations, generating keys, and mitigating threats such as denial of service and replay. The Oakley key determination protocol can be used in conjunction with ISAKMP to provide perfect forward secrecy. To jump-start the development of ISAKMP applications, Cisco recently began offering a free reference implementation of the ISAKMP framework.
Meanwhile, neither IPSEC nor S/WAN have settled yet on a key management standard. S/WAN is hoping to have this decided in June during an upcoming meeting. Until then, S/WAN members continue testing their implementations with each other.
S/WAN is now testing the encryption encapsulation and authentication header components of secure networking technology over the Internet. At the moment, 11 vendors and government participants are demonstrating interoperability between their products. (See the resources section below for the URL to the latest update).
Firewall vendors in the trial include CheckPoint Software with FireWall-1, Secure Computing with SideWinder, SOS Corp. with Brimstone, Trusted Information Systems with Gauntlet, and Gemini with GTFW-GD.
In addition, there are a number of other applications. Many companies are testing their secure virtual private networking applications. IBM is testing SNG. Morning Star is testing Secure Connect. Raptor is testing Eagle, and Time Step is testing Permit, a toolkit for creating secure S/WAN applications. FTP Software has incorporated S/WAN into its OnNet Internet Suite of software, which is also being tested.
The NSA is participating in the tests as well. This means one of two things. Either it thinks the technology is good enough for the government, or it wants to keep the technology as weak as possible so it can slip in the cryptographic back door whenever it sees fit.
Although all of these vendors plan to offer S/WAN products, only a few have come forth with any sort of time frame for a product rollout. Brett Nelson, product marketing manager at Secure Computing Corp., said his company will incorporate S/WAN into the next release of SideWinder due out this summer. However, it will lack a key management protocol, which of course is still being hashed out.
Steven Lipner, vice president of the network security product line at Trusted Information Systems, said, "We have alpha code of the packet encryption now and in some senses that is harder than the key management. What is between us and shipping S/WAN is some additional testing and burning in of the packet encryption and the fact that there is no key management standard yet. In any case, I hope to ship S/WAN well before the end of the year."
In addition to S/WAN, companies have a number of proprietary options available to them. Cylink, for one, has developed Secure LAN.
Sun recently released SunScreen SPF-100, a black box that encrypts traffic between sites. Although SunScreen cannot interoperate with security products from other vendors, Sun recently released End System SKIP, which allows users to connect to a SunScreen device with only a PC and some software on their end.
Sun has been a participant in some of the S/WAN meetings, but has not begun any sort of interoperability testing with other vendors. Chris Tolles, a spokesman for Sun's Internet Commerce Group said, "S/WAN is sort of like IPSEC with proprietary encryption on top of it. Right now, it is not assured interoperability. We are working closely with IPSEC to make sure the encryption is working, and we are in the middle of negotiations with RSA. We clearly support IPSEC and as far as RSA supports that we are behind it."
Surely, secure virtual private networking is on the way. The only question now is one of timing. S/WAN will appear well before the IPSEC standard, but is bound to contain some proprietary portions, such as the RC5 encryption algorithm.
As Marcus Ranum, chief scientist at V One Corp. said, "The real question is whether S/WAN will be a standard or if IPSEC can get off their collective rear ends to make a standard. IPSEC has deadlocked several times on whether the standard can use patents or not. Real standards come from the customer base, but there has not been a customer base for this. Now that base is here. S/WAN is a good start and SKIP is another."
There are two types of encryption. In symmetric key encryption, the same key is used both to encrypt and to decrypt, so both parties must already hold it. The problem with this approach is that the key must be distributed securely, which is difficult when establishing new links over open networks such as the Internet.
In public key cryptography, a pair of keys is generated for every person who wants to communicate securely. The public key is given to everyone, and the private key is kept secret. To send a confidential message to someone, you encrypt it with the recipient's public key; only the holder of the matching private key can decrypt it. To prove that you sent it, you sign the message with your own private key; anyone holding your public key can verify the signature.
The one problem with public key cryptography is that it is considerably slower than most symmetric key algorithms. Consequently, the two are generally used together in securing open networks. Each new communications session uses a separate symmetric key, which is exchanged at the beginning of the session between the two secure computers using a public key algorithm such as RSA.
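The following is an added example, written for this page rather than taken from the article, Sun, or any other vendor, that puts the sidebar's hybrid scheme and the earlier SKIP-versus-Photuris forward-secrecy argument into working code. It uses Diffie-Hellman rather than RSA for the public key step because that is what both SKIP and Photuris use. The group parameters, the HMAC-based stream cipher, the message texts, and the simplification that the SKIP-style traffic key is derived straight from the long-term shared secret (real SKIP wraps per-packet keys under that secret, with the same consequence on compromise) are all assumptions made for the demo.

```python
import hashlib
import hmac
import secrets

# Toy group parameters chosen for readability, NOT for real use; a real
# deployment would use a standardised group of 2048 bits or more.
P = 2**127 - 1          # Mersenne prime M127
G = 3


def dh_keygen():
    """Return (private, public) for one Diffie-Hellman party."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def dh_shared(my_priv, their_pub):
    """Both sides arrive at the same value: G**(a*b) mod P."""
    return pow(their_pub, my_priv, P)


def derive_key(shared, label):
    """Turn the DH shared value into a 32-byte symmetric session key."""
    return hashlib.sha256(label + shared.to_bytes(16, "big")).digest()


def stream_xor(key, data):
    """Toy symmetric cipher: XOR with an HMAC-SHA256 keystream in counter
    mode.  The same call encrypts and decrypts.  Illustrative only."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def skip_style(my_priv, their_pub, data):
    """SKIP-style: the traffic key is derived from the long-term shared
    secret, so every session between the two parties uses the same key."""
    return stream_xor(derive_key(dh_shared(my_priv, their_pub), b"skip"), data)


def run_sessions(messages):
    """Record several sessions in both styles, then let an attacker who
    captured the wire and LATER steals Alice's long-term private key try to
    read them.  Returns (skip_recovered, pfs_recovered, all_received)."""
    alice_priv, alice_pub = dh_keygen()          # long-term keys
    bob_priv, bob_pub = dh_keygen()
    wire_skip, wire_pfs = [], []
    all_received = True

    for msg in messages:
        # SKIP-style: only the ciphertext travels; the key is implicit.
        ct = skip_style(alice_priv, bob_pub, msg)
        wire_skip.append(ct)
        all_received &= skip_style(bob_priv, alice_pub, ct) == msg

        # Photuris-style: fresh DH keys per session; the public halves travel,
        # the private halves are thrown away once the session key exists.
        ax, ax_pub = dh_keygen()
        by, by_pub = dh_keygen()
        key = derive_key(dh_shared(ax, by_pub), b"pfs")
        ct = stream_xor(key, msg)
        wire_pfs.append((ax_pub, by_pub, ct))
        bob_key = derive_key(dh_shared(by, ax_pub), b"pfs")
        all_received &= stream_xor(bob_key, ct) == msg
        del ax, by, key, bob_key                  # nothing ephemeral is kept

    # The compromise: Alice's long-term private key leaks after the fact.
    stolen = alice_priv
    skip_recovered = sum(
        skip_style(stolen, bob_pub, ct) == msg
        for ct, msg in zip(wire_skip, messages))
    # Best effort against the PFS sessions: combine the stolen long-term key
    # with the recorded ephemeral publics.  That gives G**(a*y), not G**(x*y).
    pfs_recovered = sum(
        stream_xor(derive_key(dh_shared(stolen, by_pub), b"pfs"), ct) == msg
        for (ax_pub, by_pub, ct), msg in zip(wire_pfs, messages))
    return skip_recovered, pfs_recovered, all_received


if __name__ == "__main__":
    skip_hit, pfs_hit, ok = run_sessions([b"first", b"second", b"third"])
    print(f"receivers decrypted everything: {ok}")
    print(f"after key compromise, SKIP-style sessions readable: {skip_hit}/3")
    print(f"after key compromise, ephemeral sessions readable: {pfs_hit}/3")
```

One caveat the demo leaves out: the ephemeral public values travel unauthenticated here, so an active attacker could substitute their own. Photuris closes that hole by having each party sign its exchange values with its long-term key; the long-term key then serves only for authentication, which is why its later loss does not expose recorded traffic.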
Secure key management with SKIP
There needs to be a way of securely distributing people's public keys over the network; otherwise it would be possible to impersonate someone by substituting your own key for theirs. A number of attempts have been made to create certification authorities, which provide a trusted registry of public keys. For example, RSA created VeriSign. Ideally, the exchange of these public keys should be fully automated. A good candidate for this job is Sun's SKIP (Simple Key Management for IP).
Sun recently released End System SKIP, a program that can be used to communicate between Sun's SunScreen SPF-100 secure virtual private networks and mobile employees or customers, or between two mobile sites.
"End System SKIP allows us to realize the promise of electronic commerce over the Internet," said Humphrey Polanen, general manager of Sun's Internet Commerce Group. "As mobile computing rapidly increases with both traveling employees as well as with employees telecommuting from home, there is a crucial need to protect internal networks as well as the information itself. End System SKIP provides optimum security. When used in conjunction with the SunScreen SPF-100, it not only provides strong encryption to protect the data, but it also provides a secure end user-to-firewall link."
End System SKIP was made available in May for Solaris, Windows 3.X, Windows 95 and NT. More information on SKIP is available at http://skip.incog.com.
About the author
George Lawton (firstname.lastname@example.org) is a computer and telecommunications consultant based in Brisbane, CA. You can visit his home page at http://www.best.com/~glawton/glawton/ Reach George at email@example.com.