IP Security/Internet Key Exchange

IPSec/IKE allows encryption of all data contents of IP packages. The keys can be replaced via the Internet (public/private key procedure).
Available encryption mechanisms: DES, Triple DES, AES (128, 192, 256 Bit), MDS, SHA-1, SHA-2 (256, 384, 512 Bit).

Specific features

• Specifically optimized for embedded applications (code size, memory requirement and performance)
• Easily portable via ANSI-C source code
• Adapted for NicheStack v4, NicheStack v6 and NicheStack Dual v4v6
• Can be used with or without operating system

Supported RFCs

• RFC 2401 - Security Architecture for the Internet Protocol
• RFC 2406 - Encapsulating Security Payload (ESP)
• RFC 2402 - IP Authentication Header
• RFC 2407 - Internet IP Security Domain of Interpretation for ISAKMP
• RFC 2408 - Internet Security Association and Key Management Protocol (ISAKMP)
• RFC 2409 - Internet Key Exchange (IKE)
• RFC 2405 - ESP DES-CBC Cipher Algorithm With Explicit IV
• RFC 2451 - ESP CBC-Mode Cipher Algorithms
• RFC 2104 - HMAC: Keyed-Hashing for Message Authentication
• RFC 2403 - Use of HMAC-MD5-96 within ESP and AH
• RFC 2404 - Use of HMAC-SHA-1-96 within ESP and AH
• RFC 2410 - NULL Encryption Algorithm
• draft-ietf-ipsec-ciph-aes-cbc - AES Cipher Algorithm
• draft-ietf-ipsec-ciph-sha-256 - HMAC-SHA-256-96