中文摘要：

IPSec已经十分成熟,但是为了特殊的安全需要,或者为了性能的提高,需要添加国密算法或算法的硬件实现到IPSec。该文分析了Openswan与Linux内核在协商与使用对称加密算法方面对IPSec的支持,并详细描述了如何添加新的对称加密算法到IPSec实现中。

英文摘要：

IPSec is mature now, when we meet some special security needs,or performance needs, we need and national encrypt algorithm or hardware implement into IPSec. In this paper, the support from Openswan and Linux kernel for IPSec in negotiating and using asymmetric encrypt algorithm is analyzed, and the approach of how to add new asymmetric encrypt algorithm into IPSec is described in detail.