|
PPP Encryption Control Protocol (ECP) and Encryption Algorithms
(Page 1 of 4)
The PPP
authentication protocols PAP and CHAP
can be used to ensure that only authorized devices can establish a PPP
connection. Once that is done, PPP normally provides no other security
to the data being transmitted. In particular, all data is normally sent
“in the clear” (unencrypted), making it easy for someone who
intercepts it to read. For important data that must be kept secure,
encryption prior to transmission is a good idea. This can be done at
higher layers using something like IPSec,
but PPP also provides an optional feature that allows data to be encrypted
and decrypted at the data link layer itself.
 Note: This topic is very similar in structure and content to the preceding one that covers PPP compression, because the features are implemented in a very similar way. For the benefit of those who may not be reading in sequence I have provided a standalone description in this topic, without assuming you have read the prior topic on compression. This means this topic may seem almost like “deja vu” if you just read the topic on CCP.
|
PPP data encryption is implemented
using two protocol components:
- PPP Encryption Control Protocol (ECP):
This protocol is responsible for negotiating and managing the use of
encryption on a PPP link.
- PPP Encryption Algorithms: A family of
encryption algorithms that perform the actual encryption and decryption
of data. Several of these are defined in Internet standards (RFCs),
and two devices can also negotiate a proprietary encryption method if
they want to use one not defined by a public standard.
ECP is usually the only part mentioned
when encryption in PPP is discussed. ECP is in fact used only to configure
and control the use of encryption; it is the algorithms that do the
real work. This technique allows each implementation to choose what
type of encryption they wish to use. The original ECP defined only a
single encryption method, and a couple of others have since been added.
 Key Concept: PPP includes an optional encryption feature, which provides privacy for data transported over PPP. A number of encryption algorithms are supported. To enable encryption, both devices on a PPP link use the PPP Encryption Control Protocol (ECP) to negotiate which algorithm to use. The selected algorithm is then used to encrypt and decrypt PPP data frames.
|
| If you find The TCP/IP Guide useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider purchasing a download license of The TCP/IP Guide. Thanks for your support! |
|
|
Home -
Table Of Contents - Contact Us
The TCP/IP Guide (http://www.TCPIPGuide.com)
Version 3.0 - Version Date: September 20, 2005
© Copyright 2001-2005 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.
|
