vpn encryption

carl_townshend
Spotlight

I have just been reading up on this. Which part is the encryption: is it the IPSec part or the 3DES? I'm unsure of what does what. Please help.


smothuku
Level 7

Hi carl,

The following info may clear your doubt.

IPSec is a security addition to the IP protocol that enables security and privacy for TCP/IP communication. With IPSec-enabled communication, no one except the receiver can read what is sent over the network (like the Internet). Normally IPSec consists of two parts: the key management (IKE/ISAKMP) and the encryption part (ESP). IPSec is the most widely used protocol for VPNs (Virtual Private Networks).

To ensure privacy, data is encrypted with an encryption algorithm. An encryption algorithm is a way of changing data so that only those who know how it was changed can reconstruct it. To describe the process of changing and reconstructing data, the analogy to a lock and key has been made. You can lock data with a key, and only that key can unlock it.

The Triple DES (3DES) encryption algorithm is unbreakable today, and the most widely used algorithm for strong encryption. If you want to find the right key for an encrypted text, you could try all possible keys, but prepare to be patient! Triple DES has an effective number of keys that is approximately 2^112 (2*2*2*2 ... 112 times), that is, 112 bits.

Thanks for that. So, what does the IKE/ISAKMP do? What does the ESP do? And what does the 3DES do?

IPSec provides security to IP flows through the use of authentication and encryption. Authentication verifies that data is not altered during transmission and ensures that users are communicating with the individual or organization that they believe they are communicating with.

Encryption makes data confidential by making it unreadable to everyone except the sender and intended recipient. IPSec comprises two encapsulating protocols:

Encapsulating Security Payload (ESP) provides confidentiality and authentication functions to every data packet.

Authentication Header (AH) provides authentication to every data packet.

Internet Key Exchange (IKE) is a means of dynamically creating IP Security (IPSec) connections. IPSec uses encryption and authentication to create virtual private networks over an insecure network. IPSec provides Internet Key Exchange to automatically exchange randomly generated keys, which are transmitted using asymmetric encryption technology, according to negotiated algorithm details.

A mode of the DES encryption algorithm that encrypts data three times. Three 64-bit keys are used, instead of one, for an overall key length of 192 bits (the first encryption is encrypted with the second key, and the resulting cipher text is again encrypted with a third key).
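
To make the division of labour described in the replies above concrete, here is an added example (not from any poster in this thread) that parses an ESP packet laid out per RFC 4303, assuming 3DES-CBC with an 8-byte IV and HMAC-SHA1-96 as the integrity check. The SPI, keys and sample packet are constructed stand-ins for what IKE would negotiate, and the 3DES ciphertext is treated as opaque bytes.

```python
import hashlib
import hmac
import struct
from typing import NamedTuple

IV_LEN = 8    # 3DES-CBC carries an 8-byte IV (DES block size is 64 bits)
BLOCK = 8     # ciphertext length must be a multiple of the block size
ICV_LEN = 12  # HMAC-SHA1-96: HMAC-SHA1 output truncated to 96 bits


class EspPacket(NamedTuple):
    spi: int           # selects the security association (set up by IKE)
    seq: int           # anti-replay counter
    iv: bytes          # per-packet IV for the cipher
    ciphertext: bytes  # payload + padding + next-header, encrypted by 3DES
    icv: bytes         # integrity check value (the "authentication" part)


def icv_for(auth_key: bytes, authenticated: bytes) -> bytes:
    """ICV over SPI, sequence number, IV and ciphertext."""
    return hmac.new(auth_key, authenticated, hashlib.sha1).digest()[:ICV_LEN]


def build_esp(spi: int, seq: int, iv: bytes, ciphertext: bytes,
              auth_key: bytes) -> bytes:
    """Assemble the ESP framing around bytes that are already encrypted."""
    body = struct.pack("!II", spi, seq) + iv + ciphertext
    return body + icv_for(auth_key, body)


def parse_esp(packet: bytes, auth_key: bytes) -> EspPacket:
    """Verify the ICV first, then split the packet into its ESP fields."""
    if len(packet) < 8 + IV_LEN + BLOCK + ICV_LEN:
        raise ValueError("too short for ESP with 3DES-CBC and HMAC-SHA1-96")
    body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
    if not hmac.compare_digest(icv, icv_for(auth_key, body)):
        raise ValueError("ICV mismatch: packet altered or wrong SA key")
    spi, seq = struct.unpack("!II", body[:8])
    iv, ciphertext = body[8:8 + IV_LEN], body[8 + IV_LEN:]
    if len(ciphertext) % BLOCK:
        raise ValueError("ciphertext is not a multiple of the 3DES block size")
    return EspPacket(spi, seq, iv, ciphertext, icv)


# Constructed sample: the key stands in for one negotiated by IKE, and the
# 16 "ciphertext" bytes stand in for real 3DES-CBC output.
AUTH_KEY = bytes(range(20))
SAMPLE = build_esp(0x1000, 1, bytes(8), bytes(range(16)), AUTH_KEY)
```

Only the SPI and sequence number travel in the clear; everything a sniffer would want to read sits inside the ciphertext field, and any modification in transit fails the ICV check before decryption is attempted.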
