[1207] in WWW Security List Archive
Re: Internet Tunnel Question
daemon@ATHENA.MIT.EDU (Greg King)
Wed Dec 6 11:27:05 1995
Date: Wed, 06 Dec 1995 04:58:45 -0500
To: "Prince, Cheryl" <cprince@mfi.com>, www-security@ns2.rutgers.edu
From: Greg King <king@reston.ans.net>
Errors-To: owner-www-security@ns2.rutgers.edu
Yes.. the Digital Internet Tunnel actually uses RSA for distribution
of symmetric session encryption keys which are in turn used to encrypt
exchanged data. If one is satisfied with the strength of the cipher
(128 bit RC4 I believe), and the strength of the key distribution protocol
that it uses then it can be used to create Virtual Private Networks over
shared public infrastructure such as the Internet.
While there have been one or two other commercial products that implement
the same technology, the Digital implementation is unique in that the
encryption can be extended directly to Unix and Windows desktops instead
of being limited to exchanges between peer routers. It is also convenient
because the encryption is application independent so individual applications
need not be modified as is the case with SSL, Kerberos, IPSP, and many
encryption
security protocols. This indepedence is achived thru encapsulation.
Reportedly, evaluation kits are due out on the 12th.
Greg
At 02:39 PM 12/5/95 PST, Prince, Cheryl wrote:
>
>
>Digital recently released a new (?) way of using the public Internet to
create -
>-or replace--private local or wide area networks. All sensitive data is
>encrypted with RSA tech, private key/public key cryptography on either end of
>communication as well as authentication so the parties can accurately identify
>each other. It's called the Digital Internet Tunnel.
>
>Has anyone heard about this kind of system (surely not the first of its kind)
>and is this safe??
>
>CJ Prince
>
>
