From Libreswan
Revision as of 17:14, 12 July 2014 by Paul Wouters


History of The Libreswan Project

Libreswan has been under active development for over 15 years, going back to The FreeS/WAN Project founded in 1996 by John Gilmore and Hugh Daniel. The project set out to develop IPsec and DNS standards for encryption for use on the internet. Its goal was to encrypt 5% of internet traffic per year, until the entire internet would only use encrypted communications.

At the time, encryption was very uncommon, and free software implementing encryption was scarce. SSLeay, the precursor to OpenSSL, was being developed for encryption between web servers and clients. Most people were not thinking about nation state eavesdropping and monitoring, but the [http://en.wikipedia.org/wiki/Crypto:_How_the_Code_Rebels_Beat_the_Government%E2%80%94Saving_Privacy_in_the_Digital_Age Crypto War] was raging. The goal of the freeswan software was to deploy widespread Opportunistic Encryption and make encryption ubiquitous before national security reasons could be used to outlaw encryption for the public. To prevent the US government from claiming ownership of freeswan through National Security Letters ("NSLs"), Gilmore himself and other US citizens were not allowed to write any code for freeswan. This restriction caused a lot of harm because it prevented the freeswan code from being merged into the Linux kernel and made it much harder for individuals to deploy freeswan.

Meanwhile, corporations required secure connections over the internet, and the need for Virtual Private Networks ("VPNs") was another motivation to develop a usable encryption standard. These also used IPsec, but in various ways to satisfy the needs of different companies.

The standard that emerged from the Internet Engineering Task Force became known as the IPsec suite. It consists of many standards documents (RFCs) that handle authentication via the Internet Key Exchange protocol and use IPsec transforms to encrypt data. Various encryption and authentication algorithms are supported and standardized.

The public at large, however, seemed less concerned about government eavesdropping. The Echelon spying network was revealed by Nicky Hager and had no noticeable impact on the deployment of encrypted communications. Throughout the nineties, not many people considered an unencrypted internet a real problem until the revelations of Edward Snowden in 2013. By that time, Gilmore had given up on his original freeswan goal. In July 2003, Gilmore and Paul Wouters met up at the Chaos Communications Camp near Berlin and devised a plan to continue freeswan development in the future.

From FreeS/WAN to Openswan