MPPE/MPPC kernel module for Linux

Jan Dubiec

Revision History
Revision $Id: mppc.sgml,v 1.13 2005/09/05 17:32:55 jdx Exp jdx $

Table of Contents
About MPPE and MPPC
Why have I written this module?
Known bugs

About MPPE and MPPC

MPPE stands for Microsoft Point-to-Point Encryption. It is a protocol designed for transfering encrypted datagrams over point-to-point links. See RFC3078 and RFC3079 for details.

MPPC stands for Microsoft Point-to-Point Compression. It is a protocol designed for transfering compressed datagrams over point-to-point links. The MPPC algorithm uses an LZ based algorithm with a sliding window history buffer. See RFC2118 for details.

Although the module's source code is completely free, MPPC itself is patented algorithm. Patent for *Microsoft* PPC is holded by the Hifn Inc. This is obvious ;-). Furthermore, MPPE uses RC4[1] encryption algorithm which itself isn't patented, but RC4 is trademark of RSA Data Security Inc. To avoid legal problems, US citizens shouldn't use this module.

OK, you have been warned, now you can do whatever you want.

MPPE/MPPC violate Compression Control Protocol: when decompression error occurs, receiver sends CCP ResetReq, sender resets the compressor but doesn't send CCP ResetAck which it should do if it would be fully CCP compliant. In my opinion it's very funny - probably guys from Hifn Inc. didn't want to pay royalties to Motorola which holds patent on this "technology". ;-) I love software patents. ;-)

Why have I written this module?

Besides Stac LZS, MPPC seems to be the most common compression algorithm used in (remote/network) access servers. On the one hand Internet Service Providers often set up their AS to support only the two mentioned algorithms and on the other hand AS often support only those algorithms - in my opinion this is result of implementation MPPC/MPPE and LZS in silicon. See if you want to know more or if you want to buy such a chip. So they are de facto standards; Hifn's marketroids call them even industry standards. :-) At the client side, MPPE/MPPC is of course supported by Microsoft operating systems.

Some day, digging in the Net, I found MPPE implementation at[2] I thought that it would be good to complete that code with MPPC and make it freely available. So I wrote MPPC part and added support for 56 bit keys in MPPE.


Current software
File nameDescription
linux-2.6.13-mppe-mppc-1.3.patch.gz patch for kernel 2.6.13
linux-2.4.31-mppe-mppc-1.3.patch.gz patch for kernel 2.4.31
ppp-2.4.3-mppe-mppc-1.1.patch.gz patch for pppd-2.4.3

Older stuff
File nameDescription
linux-2.6.12-mppe-mppc-1.3.patch.gz patch for kernel 2.6.12
linux-2.6.11-mppe-mppc-1.3.patch.gz patch for kernel 2.6.11
linux-2.6.10-mppe-mppc-1.2.patch.gz patch for kernel 2.6.10
linux-2.6.9-mppe-mppc-1.2.patch.gz patch for kernel 2.6.9
linux-2.6.9-mppe-mppc-1.1.patch.gz patch for kernel 2.6.9; see also Bugs section
linux-2.6.8-mppe-mppc-1.1.patch.gz patch for kernel 2.6.8; see also Bugs section
linux-2.6.7-mppe-mppc-1.0.patch.gz patch for kernel 2.6.7
linux-2.6.6-mppe-mppc-1.0.patch.gz patch for kernel 2.6.6
linux-2.6.5-mppe-mppc-1.0.patch.gz patch for kernel 2.6.5
linux-2.4.30-mppe-mppc-1.3.patch.gz patch for kernel 2.4.30
linux-2.4.29-mppe-mppc-1.3.patch.gz patch for kernel 2.4.29
linux-2.4.28-mppe-mppc-1.2.patch.gz patch for kernel 2.4.28
linux-2.4.28-mppe-mppc-1.1.patch.gz patch for kernel 2.4.28; see also Bugs section
linux-2.4.27-mppe-mppc-1.1.patch.gz patch for kernel 2.4.27; see also Bugs section
linux-2.4.26-mppe-mppc-1.0.patch.gz patch for kernel 2.4.26
ppp-2.4.2-mppe-mppc-1.1.patch.gz patch for pppd-2.4.2 (recommended), it uses my option naming scheme as described below; see manpage for details
ppp-2.4.2-stdopt-mppe-mppc-1.1.patch.gz patch for pppd-2.4.2, it uses option names compatible with original pppd-2.4.2; see manpage for details; for new pppd releases this version will not be maintained
ppp-2.4.2-mppe-mppc-1.0.patch.gz patch for pppd-2.4.2 (recommended), it uses my option naming scheme as described below; see manpage for details
ppp-2.4.2-stdopt-mppe-mppc-1.0.patch.gz patch for pppd-2.4.2, it uses option names compatible with original pppd-2.4.2; see manpage for details



By default pppd tries to negotiate MPPC and don't negotiate MPPE but will agree if peer wants encryption. If peer supports a few key lengths, according to RFC3078 pppd will choose the strongest one.

mppe suboptions:



I have no idea how to measure, in a simple way, (de)compressor performance when it runs in kernel space. So I have written a small program which uses the same (de)compression algorithm and runs in user space. It allows to estimate (de)compression speed and compression ratio. I have tested my code on Calgary Text Compression Corpus. The last row in the table below is result of tests on U.S. Constitution. I have run test on three machines:

Table 1. Estimated compressor/decompressor performance

FileCompression speed (kB/s)Decompression speed (kB/s)Comp. ratio (%)
System 1System 2System 3System 1System 2System 3

The table below presents performance of Hifn's MPPC implementation written in C. They have done tests on plain text file containing the U.S. Constitution. I haven't such old PC's so I couldn't repeat their tests. But my UltraSparc and their Pentium have comparable performance in fixed point therefore you can more or less estimate my implementation's quality. ;-) One can see that compressor is quite good, however decompressor needs some work.

Table 2. Hifn's compressor/decompressor performance

ProcessorCompression (kB/s)Decompression (kB/s)
486DX2 66MHz8091648
Pentium 150MHz26455497


2005-02-02; version 1.3:

2004-11-23; version 1.2:

2004-08-15; version 1.1:

2004-04-09; version 1.0:

2004-04-04; version 1.0-test1:

2004-03-05; version 0.99:

2003-08-07; version 0.98:

2003-07-17; version 0.97:

2002-11-23; version 0.96:

2002-11-20; version 0.95:

2002-08-30; version 0.94:

2002-08-20; version 0.93:

2002-06-28; version 0.92:

Known bugs


Acknowledgements go to:


If you have found a bug or have any comments, improvements, etc. do not hesitate to send them to .

If you have questions regarding set up, please make sure that your problem is not trivial. A lot of people use the module successfully, so probably you are making a mistake. I am sorry, I am tired to write the same answers over and over again. Trivial problems will be simply ignored.

Because English is not my native language, any corrections are welcome.



Due to trademark RC4 algorithm is also known as ARCFOUR, ARCfour, Arcfour or ARC4


The page has moved to