hal@GATEWAY.MITRE.ORG (Hal Feinstein) (04/17/89)
Speaking of encryption on a LAN:
There's a group meeting for some time called: LAN Security Study Group
(802.10 I think) working toward a group of encryption standards for LAN.
These are algorithm independent but, everyone likes DES for the traffic
and they've just gotten a proposal for RSA key distribution.
They're been laying a lot of ground work and of couse,
certain vendors would like the standard to look like their product(s)
(nothing new in this). For more information you might send mail to
kek@mitre-bedford.arpa (mbunix.mitre.org), Kim acts as chairperson of
the group.
Before you trade in your trusty TCPDUMP and overhaul your old rotor
machines, what about all those keys that are going to be floating around
the net. If everyone shares a common key you get no security. If everyones
got a different key, well, start thinking about key management.
-hal@gateway.mitre.org
jeff@dante.nmsu.edu (Jeff Harris) (04/25/89)
For those people really concerned about security on their LAN, you might be interested in the DEC DESNC Ethernet Security Device. This box looks like a 4 port thinwire repeater, but performs real-time DES encryption on packet bodies. A VMS VAX provides key distribution, and determines what e-net address can connect to what ports, and whether or not sessions must be encrypted. The devices that you connect to the box think they are connecting to a standard thinwire ethernet, so no mods are required to hardware or software. We are currently evaluating this box for construction of a relatively secure network for our administrative users. Jeff Harris Computer Center - Room 133E Box 30001 / Dept 3AT New Mexico State University Las Cruces, New Mexico 88003-0001 Internet: jeff@NMSU.Edu Voice : (505) 646-5110 UUCP : sun!sunpeaks!sunnmex!nmsu!jeff FAX : (505) 646-5278 Bitnet : jeff@nmsu
mckee@MITRE.MITRE.ORG (H. Craig McKee) (04/26/89)
>From: opus!dante!jeff@lanl.gov (Jeff Harris) >Organization: New Mexico State University > >For those people really concerned about security on their LAN, you >might be interested in the DEC DESNC Ethernet Security Device. Wang, Motorola, and Xerox are also developing LAN encryption products. I'm familiar the Xerox Encryption Unit: 802.3; it plugs into the drop cable between the processor and the transceiver connection; encryption is done using a chip developed by Ultron (703)827-9405; the first 14 octets remain in-the-clear; the XEU costs about 5K; Xerox contact is Frank Presson (703)442-6777.