From Virtual Private Networks: Making the Right Connection
Chapter 5: Encryption
Encryption is what puts the "private" in virtual private networks. Without encryption, information fowing over a public network such as the Internet is transmitted openly. Such traffic can be intercepted and read by common sniffing techniques, making it anything but private. Readily available programs such as protocol analyzers or the network diagnostic tools built into some of today's operating systems can easily see the information as it is sent. Encrypting the data ensures that it won't be read by unauthorized users, ensuring confidentiality; confidentiality, authentication, and integrity are the three properties of a cryptosystem.
In this chapter, we'll look at the two basic types of encryption, known as secret key, or symmetric, encryption and public key, or asymmetric, encryption. The importance of key length in security will be discussed, along with the danger of relying strictly on key length to judge the strength of a cryptosystem. We'll see how the different types of encryption are used to build systems that provide for secure key exchanges and effective and fast encryption of VPN sessions. Finally, we'll discuss authentication, or the use of what are known as digital signatures so that the recipient can be certain of whom the data came from and that it hasn't been tampered with.
One important point to be made here is that when we refer to "users" in this chapter, we're not necessarily talking about individual people. Every entity on a VPN that needs to exchange data with other...

Products & Services
Data Security Software
Data security software restricts access to stored data and processes on a computer or server. These applications are designed to prevent data loss, corruption, or disclosure of sensitive information.
WiFi and WiMAX Wireless Chips
WiFi wireless chips and WiMAX wireless chips are used in fixed broadband wireless access networks that use point-to-multipoint architecture.
Smart Card Chips
Smart card chips contain a microprocessor and/or memory. They are embedded in smart cards; portable devices that resemble credit cards but are used in applications such as banking and health care.
E-Mail Software
E-mail software allows users to send e-mail, a form of electronic messaging that allows computer users to communicate.
VoIP Software
VoIP software is used to conduct telephone-like voice conversations across IP-based networks.

Topics of Interest

Chapter 6: User Authentication, Authorization, and Key Management Overview Encryption is only as effective as the system that controls the access to keys. In a VPN, as with almost any network, there...

2.7 Asymmetric Cryptosystems and Digital Signatures We now turn our attention to asymmetric cryptosystems. We review basic concepts of public key encryption, digital signatures, the necessary...

Glossary AH (authentication header) In the IPSec protocol, the optional header that contains information for authenticating the data in the packet. asymmetric encryption A system of encryption,...

Q: What does it mean to “encrypt” a file or message? When you encrypt a file, you translate the original contents into a code to keep the file secret. Data encryption software uses advanced...

1. Security provided by Infrastructure or Application Images and videos (often denoted as visual data) are data types which require enormous storage capacity or transmission bandwidth due to the...