Host Identity Protocol (HIP)

The Foundation for Zero Trust Networking


HIP is the result of over 20 years of development, testing, and deployment in co-ordination with companies such as Ericsson, Nokia, and Verizon, as well as standards bodies such as the Trusted Computing Group, IEEE 802, before being officially ratified in 2015 by the Internet Engineering Task Force (IETF).

Tempered Networks is the first and only commercially available solution that uses HIP as the standard for zero trust networking.


"No doubt about it –this Hall of Famer (Tempered Networks) took the open standard HIP and turned it into what may become the most important security innovation since encryption itself became mainstream in cyberspace."

Peter Stephenson
Lab Director and Technology Editor, SC Magazine


The Cause of Network Complexity and Security Exploits

The current TCP/IP architecture is the foundation of Internetworking but still lacks core functions that impact network mobility and expose us to security exploits that routers, firewalls, and VPNs cannot address.

Because the TCP/IP suite uses IP addresses as the base attribute to enable communication between machines, their role obviously has a central and significant impact. Traditional network and security systems use these addresses as both machine locators and network interface identifiers at the same time, a dual role that was never intended. TCP/IP is also promiscuous; it's designed to respond to any request with no way to natively verify the authenticity of the source. In the past we have attempted to cover this gap by layering controls on top rather than addressing the gap itself.

The original design intent of an address was to serve only as locators, not as an identity. Yet all of our network and security policies are in some way based on using this non-verifiable attribute to allow or deny the forwarding of packets between systems. The lack of unique identity and network authentication before transport is established has left our networks open to security exploits. The tight coupling of address to transport complicates and often prevents end-to-end network mobility, especially when crossing address realms.


These limitations create three significant problems:

  • Changing the host address directly is not possible without interrupting transport layer connections.
  • There is no consistent and verifiable identity for machines in IP networks exposing us to spoofing.
  • Lack of mutual authentication and authorization of machine communication opens us to north-south and east-west attacks.


Although many of these problems have been widely recognized for some time, a complete and simple solution was still missing. The Host Identity Protocol was designed to solve these limitations. Our customers have been able to prove that HIP is the simplest way to address the cause and eliminate the symptoms of network complexity, immobility, and vulnerability without disrupting any existing network or security infrastructure.



"If I could turn back time, I would go back and do a better job on trusted authentication and mobility, which we did a very poor job with and are paying for now with additional work."

Vint Cerf
Co-Creator of the Internet and TCP/IP


Abstracting the IP Layer With Verifiable Machine Identities

HIP is a secure tunneling protocol that enables host mobility and multi-homing in a simple yet elegant way. It was designed to be part of the TCP/IP stack, native to the OS, but can also function as a gateway for systems where HIP can't be installed directly.

HIP separates the role of IP address as both host identity and location. It enables us to define network trust relationships by cryptographic machine identities at the individual device level, while addresses are restored to their original role - location. HIP's seamless abstraction of the network address from the transport makes it both backward and forward compatible with any IP-based network, application, or resource. The separation of location and identity eliminates much of the complexity and constraints that make secure networking impossible.

Peer-to-peer encrypted connectivity is not only possible now, but very simple and practical, no matter which networks HIP-enabled systems may be using.


Self-Generating Key Pairs

HIP self-generates its public-private key pair and provides a simpler and more efficient key exchange than IPsec. The advantage of HIP is the combination of strong cryptography and authentication, encapsulation, and universal mobility. Designed with native security, HIP protects against DDOS, MiTM attacks, IP spoofing and other types of network and transport layer attacks.


Building Networks We Can Finally Trust

It’s been 50 years since TCP/IP was born and the industry has spent much of the last two decades attempting to fix the symptoms without addressing the cause. We have spent large sums of time, money, and personnel layering a complex chain of technologies on top of IP networks only to add more complexity. We endure even slower provisioning times coordinating between network and security teams attempting to tighten security and we still get hacked.

Our application of HIP as the foundation for trusted networks seamlessly integrates strong cryptographic identities and authentication for all connected systems, while making it easy to centrally orchestrate policy. The results are overlay networks that are simple to deploy and manage, mobile, and secured in a manner the previously wasn't possible.

HIP allows us to easily transition from address defined networking to identity defined network so we can secure our critical infrastructure and quickly build networks we can now trust.

Best of all, we're able to deliver a better way to network for a fraction of the cost any alternative.