How To Ring A Freeswan

Presented at Chaos Communication Congress 16 by

FreeS/WAN implements the Internet Key Exchange (IKE) protocol for the negotiation of the session keys. However, the current implementation is limited to performing key negotiation based on preshared secrets that are stored in configuration files. If an attacker can read these files, the security of the IPSec tunnel would be compromised. A better alternative is to lock long-term keys like these in a tamper-resistant environment which they never leave. The iButton from Dallas Semiconductor is a JavaCard-compliant device in an unusual form factor: a wearable finger ring. It provides a portable programmable environment with improved tamper resistance compared to conventional smart cards. We will compare and implement different protocols in which the secret keys are stored on an iButton. Besides authentication-only methods (like a simple challenge/response), schemes using Remotely Keyed Encryption (RKE) will be investigated. These allow the encryption and decryption of entire sessions to be controlled by the iButton rather than just the session keys.

http://www.informatik.uni-mannheim.de/~rweis/ccc1999/