Simple Packet Signing for Linux

SPS allows you to sign and encrypt your IP traffic with minimal configuration. This implementation strives for security, simplicity and robustness. SPS itself adds 'portability' to that goal. We currently plan releasing implementations for:

Linux
Windows 2000
MacOS X - Stefan Arentz <stefan@soze.com>

We welcome other implementations, please drop us a line if you are considering joining in!

Why Simple Packet Signing

Simplicity, simplicity, simplicity. Our goal is a secure internet. We can achieve that with secure protocols, but we must also make sure that those protocols are then used! The full Linux configuration for signed & authenticated packets between networks A and B:

A:~# iptables -t mangle -A OUTPUT -d B -j SIGN --sign-with-secret=s3cr3t
B:~# iptables -t mangle -A PREROUTING -m verify --verify-secret=s3cr3t -j UNSIGN

.. And vice-versa.
Our motto is 'Simple things should be easy, hard things should be possible'. If you want to sign with full public/private semantics, it will be possible. Using extra iptables commands, you can give or withhold finegrained access to your network.
One extra boon of this is that it will work over dynamic ip address - from now on you can easily trust your laptop's packets, wherever the come from.

Motivation & PLAN

Current very rough PLAN is here. *Very* open to further discussion, taking place on the netfilter-devel list. See the Netfilter page for information on how to subscribe. Also explains why this is not ipsec, why this is not a tunnel and why simple ssh does not cut it.

News

2001-08-29	YES! It functions! Some renaming needs to be done and a lot of cleaning up, but the syntax described above WORKS! Replace UNSIGN by STRIPSPS and it will function!
2001-08-28	I'm looking for ipsec minded people who can tell me if it is easy to implement the simplicity mentioned above using AH - it would be great to get into a best of both worlds situation where we have the non-intrusiveness of the current SPS Linux code while following a standard, too.
2001-08-26	Added some relevant links and a Thanks So section. Decided to concentrate on symmetric encryption/signing first, asymmetric is very slow. Algorithms will probably be SHA-1 HMAC (RFC 2104) and Blowfish. Asymmetric needs more thinking.
2001-08-26	Added SPEC file, outlining some ideas about the protocol

Code

First functional code - will crash your system, eat data and spread nasty rumors to your employer. 29th of August 2001: sps-linux-0.1.tar.gz
First drop, 25th of August 2001: sps-linux-0.0.tar.gz

Most up to date is CVS.

State

You can encapsulate packets, and sign them with a secret. No public key yet. Also no support for multiple algorithms. Only SHA-1 according to RFC 2104. Conclusions so far:

iptables/netfilter lends itself to this approach
Fragmentation is not a major problem
Packets with strange IP protocol travel the internet well

Links to relevant pages and projects

Host Identity Payload and Protocol. Does something like we are proposing, and lots more.
HMAC: Keyed-Hashing for Message Authentication
- RFC 2104
SECURE HASH STANDARD (`SHA-1')
- FIPS 180-1
Blowfish Encryption Algorithm
- Free, fast, secure
Applied Crytography
- By Bruce Schneier (Amazon)

Thanks to

Ethan Blanton
John Levon
Harald Welte

$Id: index.html,v 1.9 2001/08/29 22:07:45 ahu Exp $