
How VPN Encryption Works


Encryption is the process of obscuring information to make it unreadable without special knowledge, key files, and/or passwords. You could use encryption to secure files on your computer or the electronic messages you send to friends or colleagues. An encryption key tells the computer what computations to perform on data in order to encrypt or decrypt it.

The two most common forms of encryption are symmetric-key encryption and public-key encryption:

In symmetric-key encryption, all computers (or users) share the same key used to both encrypt and decrypt a message.

In public-key encryption, each computer (or user) has a public-private key pair. One computer uses its private key to encrypt a message, and another computer uses the corresponding public key to decrypt that message.

In a VPN, the computers at each end of the tunnel encrypt the data entering the tunnel and decrypt it at the other end. However, a VPN needs more than just key files to apply encryption. That’s where protocols come in. A site-to-site VPN could use either Internet Protocol Security (IPSec) or Generic Routing Encapsulation (GRE). GRE provides the framework for how to package the passenger protocol for transport over the Internet Protocol (IP). This framework includes information on what type of packet you’re encapsulating and the connection between sender and receiver.

IPSec is a widely used protocol for securing traffic on IP networks, including the Internet. IPSec can encrypt data between various devices, including router to router, firewall to router, desktop to router, and desktop to server.

IPSec consists of two sub-protocols which provide the instructions a VPN needs to secure its packets. They are Encapsulating Security Payload (ESP) and Authentication Header (AH).

Encapsulating Security Payload (ESP) encrypts the data it’s transporting with a symmetric key.

Authentication Header (AH) uses a hashing operation on the packet header to help hide certain sensitive information like the sender’s identity until it gets to its destination. This makes the sender anonymous to a hacker.
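The hashing operation AH applies can be sketched as follows. This is an added example, not code from the original post: a simplified transport-mode IPv4 packet whose function names, key, SPI and addresses are all constructed for illustration, using HMAC-SHA-256 truncated to 128 bits as the integrity check value (ICV).

```python
import hashlib, hmac, socket, struct

IP_FMT = "!BBHHHBBH4s4s"   # IPv4 header without options (20 bytes)
AH_FMT = "!BBHII"          # next header, payload len, reserved, SPI, sequence
ICV_LEN = 16               # HMAC-SHA-256 truncated to 128 bits

def ip_header(src, dst, ttl, payload_len):
    total = 20 + 12 + ICV_LEN + payload_len
    # Protocol 51 = AH; checksum left at 0 in this constructed packet.
    return struct.pack(IP_FMT, 0x45, 0, total, 0x1234, 0, ttl, 51, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def zero_mutable(ip):
    """Zero the fields routers may change: TOS, flags/offset, TTL, checksum."""
    f = list(struct.unpack(IP_FMT, ip))
    f[1] = f[4] = f[5] = f[7] = 0
    return struct.pack(IP_FMT, *f)

def icv(key, ip, ah_fixed, payload):
    # The ICV field itself is treated as zero while the hash is computed.
    data = zero_mutable(ip) + ah_fixed + b"\x00" * ICV_LEN + payload
    return hmac.new(key, data, hashlib.sha256).digest()[:ICV_LEN]

def build(key, src, dst, spi, seq, payload, ttl=64):
    ip = ip_header(src, dst, ttl, len(payload))
    # Next header 6 (TCP); AH length is counted in 32-bit words minus 2.
    ah_fixed = struct.pack(AH_FMT, 6, (12 + ICV_LEN) // 4 - 2, 0, spi, seq)
    return ip + ah_fixed + icv(key, ip, ah_fixed, payload) + payload

def verify(key, packet):
    ip, ah_fixed = packet[:20], packet[20:32]
    received, payload = packet[32:32 + ICV_LEN], packet[32 + ICV_LEN:]
    return hmac.compare_digest(received, icv(key, ip, ah_fixed, payload))

def source_address(packet):
    return socket.inet_ntoa(packet[12:16])

if __name__ == "__main__":
    key = b"\x11" * 32  # constructed key, for illustration only
    pkt = build(key, "192.0.2.10", "198.51.100.20", 0x1001, 1, b"constructed payload")
    hop = pkt[:8] + bytes([pkt[8] - 1]) + pkt[9:]                   # TTL decremented
    forged = pkt[:12] + socket.inet_aton("203.0.113.5") + pkt[16:]  # source rewritten
    print(source_address(pkt), verify(key, pkt), verify(key, hop), verify(key, forged))
```

The source address remains readable in the packet; the ICV lets the receiver detect any change to it, while a TTL decrement in transit does not break verification.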

Networked devices can use IPSec in one of two encryption modes. In transport mode, devices encrypt the data traveling between them. In tunnel mode, the devices build a virtual tunnel between two networks. VPNs use the latter.

In a remote-access VPN, tunneling typically relies on Point-to-Point Protocol (PPP), which is part of the native protocols used by the Internet. More accurately, though, remote-access VPNs use one of three protocols based on PPP:

L2F (Layer 2 Forwarding) — Developed by Cisco; uses any authentication scheme supported by PPP

PPTP (Point-to-Point Tunneling Protocol) — Supports 40-bit and 128-bit encryption and any authentication scheme supported by PPP

L2TP (Layer 2 Tunneling Protocol) — Combines features of PPTP and L2F and fully supports IPSec; also applicable in site-to-site VPNs

VPNs do a good job of keeping businesses connected around the world. That is why tunneling protocols haven’t changed much in that time.


 
