IPsec - History

History

In December 1993, the experimental of IP Security swIPe (protocol) was researched at Columbia University and AT&T Bell Labs. In July 1994, Wei Xu at Trusted Information Systems continued this research. After several months, the research was completed successfully on BSDI system. By hacking the binary kernels, Wei had quickly extended his development on to Sun OS, HP UX, and other UNIX system. One of the challenges was slow performance of DES and 3DES. The software encryption can’t even support a T1 speed under the Intel 80386 architecture. By exploring the Crypto cards from Germany, Wei Xu further developed an automated device driver, known as plug-and-play today. By achieving the throughput for more than a T1s, this work made the commercial product practically feasible, that was released as a part of the well-known Gauntlet firewall. In December 1994, it was the first time in production for securing some of remote sites between east and west coastal states of the United States.

Another IP Security Protocol was developed in 1995 at the Naval Research Laboratory as part of a DARPA-sponsored research project. ESP was originally derived from the SP3D protocol, rather than being derived from the ISO Network-Layer Security Protocol (NLSP). The SP3D protocol specification was published by NIST, but designed by the Secure Data Network System project of the National Security Agency (NSA), AH is derived in part from previous IETF standards work for authentication of the Simple Network Management Protocol (SNMP).

Since 1996, the IP Security workshops were organized for standardizing the protocols. IPsec is officially specified by the Internet Engineering Task Force (IETF) in a series of Request for Comments documents addressing various components and extensions. It specifies the spelling of the protocol name to be IPsec.