NIST logo
Bookmark and Share

Sheila Frankel


IPsec Technology Project
The NIST IPsec Project is concerned with providing authentication, integrity and confidentiality security services at the Internet (IP) Layer, for both the current IP protocol (IPv4) and the next generation IP protocol (IPv6). Current efforts are concentrated on IPv4 because of the high level of interest in fielding Internet security technology as rapidly as possible. Implementing IPsec requires modifications to the system's communications routines and a new systems process that conducts secret key negotiations. The main deliverables of the NIST IPsec project are:

Cerberus - adds IP communications security to the system

PlutoPlus - conducts secret key negotiations and management

IPsec-WIT - an interactive Web-based interoperability tester that uses Cerberus and PlutoPlus to enable developers and users to test the interoperability of their systems or to demonstrate IPsec's functionality

I am responsible for the Key Negotiation and Management aspects of the project, which involves the following tasks:

  • extend and enhance PlutoPlus and ensure that it conforms to the latest Internet drafts
  • extend IPsec-WIT to enable negotiated keys, in addition to manually established keys
  • add Key Negotiation test cases to IPsec-WIT
  • work with the Internet Engineering Task Force (IETF) to further the development of the Internet Security (IPsec) and Internet Key Exchange (IKE) protocols
  • Computer Security Tools

Publications and Presentations:


Computer Scientist
Computer Security Division
Security Components and Mechanisms Group

Phone: 301-975-3297
Fax: 301-975-8387