1

I've searched for a while and can't seem to find any information on what KRYPTOLAN is.

For the transport layer, IP protocol number 0x41 is assigned.

In addition, ports 398/udp and 398/tcp are also assigned, so an application layer protocol may exist in addition to the transport layer protocol.

Does anyone have details on what the purpose of KRYPTOLAN is and how it works?

Jon Bringhurst

2 Answers

1

I don't know any details either and never heard of the protocol before; it seems like it is arcane and long-forgotten.

Cisco has this:

Full Name: kryptolan

Description: LAN/WAN Krypto (LWK) is an infrastructure that provides two secure functions: transport protection and data object protection. It was developed by Sectra.

and it provides a reference to

http://liu.diva-portal.org/smash/get/diva2:16958/FULLTEXT01

which looks promising at first glance since "Paul Liu" is the reference name given by the IANA for the KRYPTOLAN protocol in its published protocol numbers list, but this is just a naming coincidence since "liu" is "Linköping University" in this case. And the referenced paper does deal with authentication models, but not with the subject of protocols at all, so whoever collected the information for the Cisco database did a bad job here. KRYPTOLAN seems to be a trademark held by Sectra since 1993, but I do not think it relates to the protocol registered with the IANA.

If you are desperately seeking protocol details, I would suggest asking Paul Liu himself. This one seems to be the right one to ask.

the-wabbit

1

Contrary to what syneticon surmises, the Sectra KRYPTOLAN is the one registered with IANA. The official listing in RFC1700 is

kryptolan       398/tcp    Kryptolan
kryptolan       398/udp    Kryptolan
#                          Peter de Laval <pdl@sectra.se>

Whatever it may once have been good for, it appears to now be defunct. A search on Sectra's own site returns no hits. Ditto for Peter Laval.

If you're seeing traffic using that port, it's probably just assigned at random from the set of all free ports. If you see something listening on that port and you didn't configure it to do so, almost certainly malware. Tools such as netstat can help determine what piece of software is using the port.

Ben Voigt
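
For the check suggested in the answer above (finding what is bound to port 398), this added example, which is not part of the original post, parses the Linux /proc/net socket tables and maps each matching socket inode to the owning PID. It assumes a Linux host; the sample table is constructed, and the function names are illustrative.

```python
import glob
import os

KRYPTOLAN_PORT = 398                      # 398/tcp and 398/udp, per the RFC 1700 listing
# Kernel state codes: 0A = TCP LISTEN, 07 = unconnected (bound) UDP socket.
TABLES = {"tcp": "0A", "tcp6": "0A", "udp": "07", "udp6": "07"}

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 21001 1 0000000000000000 100 0 0 10 0
   1: 00000000:018E 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 34567 1 0000000000000000 100 0 0 10 0
   2: 0100007F:018E 0100007F:C350 01 00000000:00000000 00:00000000 00000000  1000        0 34570 1 0000000000000000 20 4 30 10 -1
"""

def sockets_bound_to(table_text, port, wanted_state):
    """Return (uid, inode) for each socket bound to `port` in `wanted_state`."""
    hits = []
    for line in table_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) < 10:
            continue
        local_port = int(fields[1].rsplit(":", 1)[1], 16)   # port is hex after the last ':'
        if local_port == port and fields[3] == wanted_state:
            hits.append((int(fields[7]), int(fields[9])))
    return hits

def pids_owning(inode):
    """Find PIDs holding the socket inode; needs root to see other users' fds."""
    target, pids = f"socket:[{inode}]", set()
    for fd in glob.glob("/proc/[0-9]*/fd/*"):
        try:
            if os.readlink(fd) == target:
                pids.add(int(fd.split("/")[2]))
        except OSError:                               # process exited or access denied
            continue
    return sorted(pids)

if __name__ == "__main__":
    for name, state in TABLES.items():
        try:
            with open(f"/proc/net/{name}") as fh:
                table = fh.read()
        except OSError:                               # table absent (e.g. IPv6 disabled)
            continue
        for uid, inode in sockets_bound_to(table, KRYPTOLAN_PORT, state):
            print(name, "uid", uid, "inode", inode, "pids", pids_owning(inode))
```

An empty PID list for a listed inode usually means the script lacks the privileges to read that process's file descriptors.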