Folks-
Here's an ad hoc list of known PEM implementations (and related
products) which I have kept for myself for some time now. I happended
to havew to update it today, and I thought I'd go ahead and share it
with the list, for informational purposes. All standard caveats
apply. Any mistakes are probably mine. I cannot guarantee anything.
At the same time, I invite folks to provide me with any information you
may have about PEM implementations (and related products), including
corrections or qualifications for any of the products listed on my
list, or any other products you may make, have or know about.
Assuming a reasonable response, I'll repost the revised list to the
PEM-DEV list in a few weeks.
Thanks,
-DB
David M. Balenson
Trusted Information Systems, 3060 Washington Rd., Glenwood, MD 21738 USA
balenson(_at_)tis(_dot_)com; tel 301.854.6889; fax 301.854.5363
-----
SOME KNOWN PEM IMPLEMENTATIONS
David M. Balenson <balenson(_at_)tis(_dot_)com>
Trusted Information Systems
(as of December 5, 1994)
Trusted Information Systems (TIS) (USA)
TIS/PEM
Stand-alone or integrated with MH UA. Easily integrated with other
SMTP-based UA's. Employs RSADSI's RSAREF implementation of RSA
cryptography. Written in C. Designed for UNIX platforms. Ported
to DEC VMS. Free for non-commercial use. Not exportable. Source
code obtained via anonymous to ftp.tis.com. Contact
tispem-info(_at_)tis(_dot_)com for information.
Trusted Information Systems (TIS) (USA)
TMAIL
Commercially supported version of TIS/PEM. Designed for UNIX
platforms. DOS/Windows version under development. Not
exportable. Contact Jim Litchko at TIS at 301-854-6889.
Trusted Information Systems (TIS) (USA)
TMAIL International
Commercially supported, exportable version of TIS/PEM. Uses RC2 or
RC4 for message encryption and RSA-512 for key management. Contact
Jim Litchko at TIS at 301-854-6889.
MIT (USA)
TechMail-PEM-a7
The TechMail electronic-mail system for the Macintosh, with
integrated PEM capabilities. Requires Apple Macintosh Plus or
later with hard disk, Apple Macintosh System 6.0.3 or later, Apple
MacTCP, and a POP3 post office/SMTP server connection. PEM
implementation uses RSADSI's TIPEM. Binary-only distribution.
Free for non-commercial use. Not exportable. Obtained from MIT
via anonymous FTP to net-dist.mit.edu:/pub/TechMail-PEM.
RSA Data Security Inc. (RSADSI) (USA)
RSAREF
Cryptographic toolkit designed for the development of Internet
Privacy-Enhanced Mail (PEM) implementations. Supports RSA
encryption and key generation, MD2 and MD5 message digests, and DES
CBC encryption. Written in C. Designed to be platform
independent. Free for non-commercial use. Not exportable. Source
code obtained via anonymous FTP to rsa.com. Contact
rsaref-administrator(_at_)rsa(_dot_)com for more information.
RSA Data Security Inc. (RSADSI) (USA)
Toolkit for Interoperable Privacy Enhanced Messaging (TIPEM)
Developers' toolkit for the development of electronic mail,
electronic forms or TCP/IP messaging applications that can conform
to PKCS, Internet PEM, and CCITT X.400 '88 standards. Provides
high-level cryptographic constructs and algorithms, RSA Digital
Envelopes, DES or RC2 bulk encryption, and RSA Digital Signatures.
Includes support for standardized cryptographic constructs, such as
CCITT X.509 certificates. Commercial product. Written in C.
Designed to be platform independent. Contact Kurt Stammberger at
RSADSI at 415-595-8782 for further information.
RSA Data Security Inc. and BBN (USA)
Certificate Issuing System (CIS)
RSADSI's turnkey solution for issuing digital certificates. The
CIS integrates digital authentication technology with distributed
authorization. The system is integrated with a Certificate Signing
Unit (CSU) and a relational database for key and certificate
management. Runs on Apple Macintosh. Classic, SE, SE/30, LC or
other Macintosh family, Powerbook family, and Quadra family
computers. Commercial product. Contact Kurt Stammberger
at RSADSI at 415-595-8782 for further information.
Mark Riordan (Michigan State University, USA)
RIPEM
Riordan's Internet Privacy Enhanced Mail (RIPEM) is a (not yet
complete, but useful) implementation of Privacy Enhanced Mail
(PEM). Based on RSAREF. Not exportable. Available via
non-anonymous ftp for users in the U.S and Canada from
ripem.msu.edu. Contact Mark Riordan
<mrr(_at_)scss3(_dot_)cl(_dot_)msu(_dot_)edu>.
Mark Riordan (Michigan State University, USA)
RIPEM/SIG
An exportable signature-only version of RIPEM 1.2a. Executables
only. Available via anonymous ftp from ripem.msu.edu. Contact
Mark Riordan <mrr(_at_)scss3(_dot_)cl(_dot_)msu(_dot_)edu>.
COST Computer Security Technologies AB (Sweden)
COST-PEM
Secure Internet PEM system consisting of PEM servers and PEM user
agents for PC/Windows, Macintosh, and UNIX computers. Includes
COST-TTP, an X.509/PEM certificate management system. Commercial
product. Contact Sead Muftic at COST at +46-8-16 16 92; fax:
+46-8-739-1839; email: sead(_at_)dsv(_dot_)su(_dot_)se(_dot_)
University College London (UCL) (UK)
UK DRA-PEM
Currently offered as part of OSI Security Pilot Software Package,
which has been developed and is being distributed by the UK
PASSWORD Consortium. (PASSWORD is a European Community-sponsored
VALUE program, comprised of consortia from France, Germany and the
UK, who are working to establish a pilot security infrastructure
for network applications for the European rsearch community. The
consortium has developed secured applications based on the CCITT
X.509 Directory Authentication Framework. These applications
include an X.509 Toolkit (OSISEC), Secure X.500 (Secured
ISODE/QUIPU), Secure X.400 (SecXUA), Secure ODA (DOCSEC), and
Privacy Enhanced Mail (PEM)(DRA-PEM)). DRA-PEM includes support
for X.500 directories and includes CA software. It is built over
ISODE/QUIPU and uses the OSISEC toolkit. Written in C, the
software is UNIX-based. It was developed under SunOS, but is
designed to be portable to other UNIX platforms. Complete source
code distributed via anonymous FTP to cs.ucl.ac.uk. Contact
password-pilot(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk for more information.
DRA is the UK
Defense Research Agency (formerly RSRE).
Cambridge University (UK)
Part of EC-sponsored PASSWORD project. Supports both symmetric and
asymmetric key management. Includes support for use of X.500
directories and includes CA software. Subject of experimentation
with alternative algorithms, including DSA/SHA.
GDM (Germany)
SecuDE PEM
Distributed as part of SecuDE-4.2 (Security Development
Environment), a security toolkit for Unix systems which was
developed as part of the EC-sponsored PASSWORD programme. Provides
a standalone PEM filter for enhancing and de-enhancing PEM
messages. Supports the certification and CRL procedures and is
integrated into the SecuDE CA functionality. May be configured
with an integrated X.500 DUA which allows, for instance, automatic
retrieval of certificates and CRLs. Written in C. Complete source
code available via anonymous FTP to darmstadt.gmd.de. Contact
schneider(_at_)darmstadt(_dot_)gmd(_dot_)de for further information. GMD is
Gesellschaft fuer Mathematik und Datenverarbeitung.
Inria (France)
Part of EC-sponsored PASSWORD project. Includes support for use of
X.500 directories and includes CA software. No known availability
or contact information.
Fujitsu Labs (Japan)
FJPEM v1.1
PEM implementation using Osisec RSA library and GNU DES library.
Runs on about 10 platforms including Sun, Sony, IBM, and (of
course) Fujitsu. Interfaces to several MTAs; mhe, rmail, VM, mh.
Available via anonymous ftp to numerous sites in Japan, including
sh.wide.ad.jp:/WIDE/free-ware/fjpem/fjpem1.1.tar.Z.
-----