1 \subsection{023: standard crypto api to add newer ciphers and hashes}
3 \subsubsection{023: Definition of requirement }
5 The current KLIPS1 encapsulation and decapsulation routines make explicit
6 synchronous calls to the 3DES encrypt and decrypt functions. This causes
9 \item it makes it difficult to add new algorithms, both at compile time and
11 \item it fails to make use of multiprocessor systems effectively
12 \item it fails to interface nicely to hardware acceleration devices
15 A standard API from FreeSWAN KLIPS to algorithm functions (e.g. 3DES-MD5-ESP)
16 would provide for plug and play capabilities for algorithms.
18 An asynchronous interface would permit multiple processors or hardware
19 accelerators to interface easily as well.
21 Despite this, the packets must still emerge from the system in the same order
22 that they arrived. That is, they must not be reordered, as this causes
23 inefficiencies for TCP.
25 \subsubsection{023: response}
27 A design to use an asynchronous interface to algorithms will be provided as
30 The design proposed by Bart Trojanowski (rsa1) <bart@jukie.net> will be used