Opportunistic Encryption of IP traffic: FreeS/WAN 2.0

Russ Nelson writes "Since 1996, John Gilmore has dreamed of an Internet where all traffic between cooperating sites is encrypted. He has supported the FreeS/WAN project which uses IPSEC to encrypt IP traffic on an opportunistic encrypting basis. The team has released Linux FreeS/WAN 2.00, their first release optimized for Opportunistic Encryption (OE). After installation, ZERO host configuration is required for OE! A Linux box running 2.00 will encrypt all IP packets to other OE capable boxes whenever possible, provided you publish a key and IPsec gateway information in DNS." Nice.

The only..encryption..the NSA can crack is..DES

[apankrat]

The only widely used encryption algo that the NSA can crack is 56bit DES

Feel free to believe in this yourself, but please do not 'clear some things up' this way for other people. Everything that you've said is on the must be prefaced with It is commonly believed in my circles in block letters.

WTF is a 'brute force for public key encryption' ? Did you ever heard that assymetric key recovery is essentially a factoring challenge, which is never solved with brute forcing ?

The DES/NSA statement is simply hillarious. I guess it needless to say that unless you're an NSA insider, your words worth nothing.

And, dude, pubke encryption is not 'the only one that allows authentication'. It is in fact used for this purpose in some architectures, but there are plenty authentication schemes that do just fine and rely on other cyrptographic means.