go to NIST home page go to CSRC home page go to Focus Areas page go to Publications page go to Advisories page go to Events page go to Site Map page go to ITL home page CSRC home page link
header image with links

Mission
Current Projects
Staff
- Archived Projects
   Random Number Generation
       & Testing
   Encryption Key Recovery
   NISS Conference
CSRC Home

 Advisories

List of Acroynms

     Projects
Cryptographic Standards
 & Applications
-  Advanced Encryption
   Standard
-  Cryptographic Toolkit
Encryption Key Recovery
   Demo. Project
-  Public Key
   Infrastructure
-  Random Number
   Generator

Security Testing
-  Automated System
   Security Evaluation Tool
-  Cryptographic Module
   Validation Program
-  IPSec
NIAP

Security Research &
Emerging Technology
-  Authorization Management &
   Advanced Access Control Models
-  Critical Infrastructure Protection
   Grants Program
-  Common Criteria
-  ICAT Vulnerability Database
-  IPSec
-  Mobile Agents Intrusion
   Detection & Security
-  Smart Card Security
   and Research

Security Management
& Guidance
-  Computer Security Expert
   Assist Team
-  Policies
-  Security Guidance

Outreach, Awareness
& Education
-  Awareness, Training
   & Education
-  CSSPAB
Federal Agencies
   Security Practices
-  Federal Computer Securty
   Program Managers' Forum
-  Small Business Computer
   Security Workshops
-  FISSEA
-  Archive of NISSC

     News & Events  
 - Federal News
 - Security Events

     Services For the: 
 - Federal Community
 - Vendor
 - User

    Links & Organizations  
 - Academic
 - Government
 - Professional
 - Additional Links

     General Information
 - Site Map
 - Virus Information

   Search CSRC
  
  
  Search Vulnerability
     Archive
   Enter vendor, software, or keyword
   
   

Sheila Frankel header image

Computer Scientist
National Institute of Standards and Technology
Computer Security Division
Phone: 301-975-3297
Fax: 301-948-0279
E-mail address

Projects:

The NIST IPsec Project is concerned with providing authentication, integrity and confidentiality security services at the Internet (IP) Layer, for both the current IP protocol (IPv4) and the next generation IP protocol (IPv6). Current efforts are concentrated on IPv4 because of the high level of interest in fielding Internet security technology as rapidly as possible. Implementing IPsec requires modifications to the system's communications routines and a new systems process that conducts secret key negotiations. The main deliverables of the NIST IPsec project are:

  • Cerberus - adds IP communications security to the system
  • PlutoPlus - conducts secret key negotiations and management
  • IPsec-WIT - an interactive Web-based interoperability tester that uses Cerberus and PlutoPlus to enable developers and users to test the interoperability of their systems or to demonstrate IPsec's functionality


I am responsible for the Key Negotiation and Management aspects of the project, which involves the following tasks:

  • extend and enhance PlutoPlus and ensure that it conforms to the latest Internet drafts
  • extend IPsec-WIT to enable negotiated keys, in addition to manually established keys
  • add Key Negotiation test cases to IPsec-WIT
  • work with the Internet Engineering Task Force (IETF) to further the development of the Internet Security (IPsec) and Internet Key Exchange (IKE) protocols

Publications and Presentations:
 :
Last updated: April 8, 2004
Page created: February 23, 2001
Disclaimer Notice & Privacy Statement / Security Notice
Send comments or suggestions to webmaster-csrc@nist.rip
NIST is an Agency of the U.S. Commerce Department's Technology Administration