Linux FreeS/WAN: Free Net Privacy Software

14 April 1999
Date: Wed, 14 Apr 1999 01:06:02 -0400 (EDT)
From: Henry Spencer <henry@spsystems.net>
To: cypherpunks@toad.com
cc: Hugh Daniel <hugh@toad.com>, John Gilmore <gnu@toad.com>
Subject: FreeS/WAN press release


	Strong Internet Privacy Software Free for Linux Users Worldwide

Toronto, ON, April 14, 1999 - 

The Linux FreeS/WAN project today released free software to protect
the privacy of Internet communications using strong encryption codes.
FreeS/WAN automatically encrypts data as it crosses the Internet, to
prevent unauthorized people from receiving or modifying it.  One
ordinary PC per site runs this free software under Linux to become a
secure gateway in a Virtual Private Network, without having to modify
users' operating systems or application software.  The project built
and released the software outside the United States, avoiding US
government regulations which prohibit good privacy protection.
FreeS/WAN version 1.0 is available immediately for downloading at

http://www.xs4all.nl/~freeswan/ .

"Today's FreeS/WAN release allows network administrators to build
excellent secure gateways out of old PCs at no cost, or using a cheap
new PC," said John Gilmore, the entrepreneur who instigated the
project in 1996.  "They can build operational experience with strong
network encryption and protect their users' most important
communications worldwide."

"The software was written outside the United States, and we do not
accept contributions from US citizens or residents, so that it can be
freely published for use in every country," said Henry Spencer, who
built the release in Toronto, Canada.  "Similar products based in the
US require hard-to-get government export licenses before they can be
provided to non-US users, and can never be simply published on a Web
site.  Our product is freely available worldwide for immediate
downloading, at no cost."

FreeS/WAN provides privacy against both quiet eavesdropping (such as
"packet sniffing") and active attempts to compromise communications
(such as impersonating participating computers).  Secure "tunnels" carry
information safely across the Internet between locations such as a
company's main office, distant sales offices, and roaming laptops.  This
protects the privacy and integrity of all information sent among those
locations, including sensitive intra-company email, financial transactions
such as mergers and acquisitions, business negotiations, personal medical
records, privileged correspondence with lawyers, and information about
crimes or civil rights violations.  The software will be particularly
useful to frequent wiretapping targets such as private companies competing
with government-owned companies, civil rights groups and lawyers,
opposition political parties, and dissidents. 

FreeS/WAN provides privacy for Internet packets using the proposed
standard Internet Protocol Security (IPSEC) protocols.  FreeS/WAN
negotiates strong keys using Diffie-Hellman key agreement with 1024-bit
keys, and encrypts each packet with 168-bit Triple-DES (3DES).  A modern
$500 PC can set up a tunnel in less than a second, and can encrypt
6 megabits of packets per second, easily handling the whole available
bandwidth at the vast majority of Internet sites.  In preliminary testing,
FreeS/WAN interoperated with 3DES IPSEC products from OpenBSD, PGP, SSH,
Cisco, Raptor, and Xedia.  Since FreeS/WAN is distributed as source code,
its innards are open to review by outside experts and sophisticated users,
reducing the chance of undetected bugs or hidden security compromises.

The software has been in development for several years.  It has been
funded by several philanthropists interested in increased privacy on
the Internet, including John Gilmore, co-founder of the Electronic
Frontier Foundation, a leading online civil rights group.

Press contacts:
Hugh Daniel,   +1 408 353 8124, hugh@toad.com
Henry Spencer, +1 416 690 6561, henry@spsystems.net

* FreeS/WAN derives its name from S/WAN, which is a trademark of RSA Data
  Security, Inc; used by permission.

	-30-


To: bernstein-announce@toad.com, gnu@toad.com
Subject: What I Did On My 9th Circuit Vacation...  (FreeS/WAN 1.00)
Date: Wed, 14 Apr 1999 00:35:03 -0700
From: John Gilmore <gnu@toad.com>

There's no news from the 9th Circuit Court of Appeals regarding
their decision in the Bernstein case.  We are still waiting.

That said, I thought most of the people on the bernstein-announce list
would appreciate today's news of my efforts on another encryption
front -- good free software for automatic Internet packet encryption.
(Please complain to me if you find this inappropriate.)

Today is the release of "version 1.00" of this FreeS/WAN software.  I
started the project in 1996; it's taken three years to get to a solid
release that only does about half of what I want.  It's a start at

automatic and transparent, rather than user-controlled and
user-visible, encryption of Internet traffic.  It's designed to secure
entire networks' Internet traffic, at the gateway, without changing
any hardware or software on the clients or servers.  Using gateways
built out of ordinary cheap PC hardware, running free open source
software based on Linux.  Providing strong encryption, yet legally
downloadable worldwide.

The idea wasn't hard, but almost all the details are much harder than
I expected.  We're working them out, step by step, in collaboration
with a huge cast of people all over the industry.  Today's release
commemorates the maturity of the first big set of protocols and code.
I encourage you to try it, and to tell your friends if you like it.

Thank you for your interest in encryption and privacy.  I hope to have
some good news from the Ninth Circuit for you "real soon now".

	John Gilmore