MPPE/MPPC kernel module for Linux

Jan Dubiec

Revision History
Revision $Id: mppc.sgml,v 1.13 2005/09/05 17:32:55 jdx Exp jdx $

Table of Contents
About MPPE and MPPC
Why have I written this module?
Download
Installation
Usage
Performance
Changes
Known bugs
Acknowledgements
Feedback

About MPPE and MPPC

MPPE stands for Microsoft Point-to-Point Encryption. It is a protocol designed for transfering encrypted datagrams over point-to-point links. See RFC3078 and RFC3079 for details.

MPPC stands for Microsoft Point-to-Point Compression. It is a protocol designed for transfering compressed datagrams over point-to-point links. The MPPC algorithm uses an LZ based algorithm with a sliding window history buffer. See RFC2118 for details.

Although the module's source code is completely free, MPPC itself is patented algorithm. Patent for *Microsoft* PPC is holded by the Hifn Inc. This is obvious ;-). Furthermore, MPPE uses RC4[1] encryption algorithm which itself isn't patented, but RC4 is trademark of RSA Data Security Inc. To avoid legal problems, US citizens shouldn't use this module.

OK, you have been warned, now you can do whatever you want.

MPPE/MPPC violate Compression Control Protocol: when decompression error occurs, receiver sends CCP ResetReq, sender resets the compressor but doesn't send CCP ResetAck which it should do if it would be fully CCP compliant. In my opinion it's very funny - probably guys from Hifn Inc. didn't want to pay royalties to Motorola which holds patent on this "technology". ;-) I love software patents. ;-)


Why have I written this module?

Besides Stac LZS, MPPC seems to be the most common compression algorithm used in (remote/network) access servers. On the one hand Internet Service Providers often set up their AS to support only the two mentioned algorithms and on the other hand AS often support only those algorithms - in my opinion this is result of implementation MPPC/MPPE and LZS in silicon. See http://www.hifn.com if you want to know more or if you want to buy such a chip. So they are de facto standards; Hifn's marketroids call them even industry standards. :-) At the client side, MPPE/MPPC is of course supported by Microsoft operating systems.

Some day, digging in the Net, I found MPPE implementation at http://mirror.binarix.com/ppp-mppe/.[2] I thought that it would be good to complete that code with MPPC and make it freely available. So I wrote MPPC part and added support for 56 bit keys in MPPE.


Download

Current software
File nameDescription
linux-2.6.13-mppe-mppc-1.3.patch.gz patch for kernel 2.6.13
linux-2.4.31-mppe-mppc-1.3.patch.gz patch for kernel 2.4.31
ppp-2.4.3-mppe-mppc-1.1.patch.gz patch for pppd-2.4.3

Older stuff
File nameDescription
linux-2.6.12-mppe-mppc-1.3.patch.gz patch for kernel 2.6.12
linux-2.6.11-mppe-mppc-1.3.patch.gz patch for kernel 2.6.11
linux-2.6.10-mppe-mppc-1.2.patch.gz patch for kernel 2.6.10
linux-2.6.9-mppe-mppc-1.2.patch.gz patch for kernel 2.6.9
linux-2.6.9-mppe-mppc-1.1.patch.gz patch for kernel 2.6.9; see also Bugs section
linux-2.6.8-mppe-mppc-1.1.patch.gz patch for kernel 2.6.8; see also Bugs section
linux-2.6.7-mppe-mppc-1.0.patch.gz patch for kernel 2.6.7
linux-2.6.6-mppe-mppc-1.0.patch.gz patch for kernel 2.6.6
linux-2.6.5-mppe-mppc-1.0.patch.gz patch for kernel 2.6.5
linux-2.4.30-mppe-mppc-1.3.patch.gz patch for kernel 2.4.30
linux-2.4.29-mppe-mppc-1.3.patch.gz patch for kernel 2.4.29
linux-2.4.28-mppe-mppc-1.2.patch.gz patch for kernel 2.4.28
linux-2.4.28-mppe-mppc-1.1.patch.gz patch for kernel 2.4.28; see also Bugs section
linux-2.4.27-mppe-mppc-1.1.patch.gz patch for kernel 2.4.27; see also Bugs section
linux-2.4.26-mppe-mppc-1.0.patch.gz patch for kernel 2.4.26
ppp-2.4.2-mppe-mppc-1.1.patch.gz patch for pppd-2.4.2 (recommended), it uses my option naming scheme as described below; see manpage for details
ppp-2.4.2-stdopt-mppe-mppc-1.1.patch.gz patch for pppd-2.4.2, it uses option names compatible with original pppd-2.4.2; see manpage for details; for new pppd releases this version will not be maintained
ppp-2.4.2-mppe-mppc-1.0.patch.gz patch for pppd-2.4.2 (recommended), it uses my option naming scheme as described below; see manpage for details
ppp-2.4.2-stdopt-mppe-mppc-1.0.patch.gz patch for pppd-2.4.2, it uses option names compatible with original pppd-2.4.2; see manpage for details


Installation


Usage

By default pppd tries to negotiate MPPC and don't negotiate MPPE but will agree if peer wants encryption. If peer supports a few key lengths, according to RFC3078 pppd will choose the strongest one.

mppe suboptions:

Examples:


Performance

I have no idea how to measure, in a simple way, (de)compressor performance when it runs in kernel space. So I have written a small program which uses the same (de)compression algorithm and runs in user space. It allows to estimate (de)compression speed and compression ratio. I have tested my code on Calgary Text Compression Corpus. The last row in the table below is result of tests on U.S. Constitution. I have run test on three machines:

Table 1. Estimated compressor/decompressor performance

FileCompression speed (kB/s)Decompression speed (kB/s)Comp. ratio (%)
System 1System 2System 3System 1System 2System 3
bib10086.9314753.8283207.12112237.3775723.5202539.480171.010
book18696.1574264.4471809.04210649.9195176.5741203.200149.354
book29798.2834693.3402298.62611124.8385531.9831797.771171.507
geo7897.7663808.1682683.9439529.1854871.5963733.165127.646
news9723.5414657.0272288.26012264.2845827.1863510.781170.350
obj19317.8334553.1493296.66310377.2695472.7524403.226178.902
obj211322.5545282.3842573.53212572.3725958.9862999.313212.381
paper110524.1124856.4293424.70912272.9425704.1544527.328177.339
paper29646.1704594.1873224.55111498.0725417.3254367.929165.012
paper39308.9494397.8513103.51311185.5115255.3284297.068159.036
paper49283.3904497.1453377.5879536.3784884.5234073.612166.283
paper59080.8864413.3533394.95910355.4945060.9364196.896169.584
paper610129.7194776.0343419.48711673.1995501.8724565.793180.789
pic22563.89510419.7905630.80919994.5919480.6613201.187613.059
progc10774.7564978.6303522.63712358.9675734.2874577.637190.860
progl13070.9526110.1244183.99113913.4116591.2425226.008249.082
progp13493.3726297.4094266.82413898.2786570.4345202.425262.097
trans12573.3965953.1074028.04414286.5916625.6005258.448233.957
constitu.txt10905.6445143.0113580.40711864.5155567.3504629.175193.562

The table below presents performance of Hifn's MPPC implementation written in C. They have done tests on plain text file containing the U.S. Constitution. I haven't such old PC's so I couldn't repeat their tests. But my UltraSparc and their Pentium have comparable performance in fixed point therefore you can more or less estimate my implementation's quality. ;-) One can see that compressor is quite good, however decompressor needs some work.

Table 2. Hifn's compressor/decompressor performance

ProcessorCompression (kB/s)Decompression (kB/s)
486DX2 66MHz8091648
Pentium 150MHz26455497


Changes

2005-02-02; version 1.3:

2004-11-23; version 1.2:

2004-08-15; version 1.1:

2004-04-09; version 1.0:

2004-04-04; version 1.0-test1:

2004-03-05; version 0.99:

2003-08-07; version 0.98:

2003-07-17; version 0.97:

2002-11-23; version 0.96:

2002-11-20; version 0.95:

2002-08-30; version 0.94:

2002-08-20; version 0.93:

2002-06-28; version 0.92:


Known bugs


Acknowledgements

Acknowledgements go to:


Feedback

If you have found a bug or have any comments, improvements, etc. do not hesitate to send them to .

If you have questions regarding set up, please make sure that your problem is not trivial. A lot of people use the module successfully, so probably you are making a mistake. I am sorry, I am tired to write the same answers over and over again. Trivial problems will be simply ignored.

Because English is not my native language, any corrections are welcome.

Notes

[1]

Due to trademark RC4 algorithm is also known as ARCFOUR, ARCfour, Arcfour or ARC4

[2]

The page has moved to http://public.planetmirror.com/pub/mppe/