StrongSwan
Overview
IPsec
Internet Protocol Security is a protocol suite for securing Internet Protocol communications by authenticating and encrypting each IP packet of a communication session...
implementation for Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
2.6 and 3.x kernels.
As a descendant of the FreeS/WAN
FreeS/WAN
FreeS/WAN, for Free Secure Wide-Area Networking, was a free software project, which implemented a reference version of the IPsec network security layer for Linux and other Unix-like operating systems. The project goal of ubiquitous opportunistic encryption of Internet traffic was not realized,...
project, it continues to be released under the GPL
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
license. The project is actively maintained by Andreas Steffen who is a professor for Security in Communications at the University of Applied Sciences in Rapperswil
Rapperswil
Rapperswil-Jona is a municipality in the Wahlkreis of See-Gaster in the canton of St. Gallen in Switzerland.Besides Rapperswil and Jona, which were separate municipalities until 2006, the municipality includes Bollingen, Busskirch, Curtiberg, Kempraten-Lenggis, Wagen, and Wurmsbach.-Today:On...
, Switzerland. The focus of the strongSwan project is on strong authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
mechanisms using X.509
X.509
In cryptography, X.509 is an ITU-T standard for a public key infrastructure and Privilege Management Infrastructure . X.509 specifies, amongst other things, standard formats for public key certificates, certificate revocation lists, attribute certificates, and a certification path validation...
public key certificate
Public key certificate
In cryptography, a public key certificate is an electronic document which uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth...
s and optional secure storage of private keys on smartcards through a standardized PKCS#11
PKCS11
In cryptography, PKCS #11 is one of the family of standards called Public-Key Cryptography Standards , published by RSA Laboratories, that defines a platform-independent API to cryptographic tokens, such as Hardware Security Modules and smart cards...
interface.