Encryption is the process of transforming data into a form that cannot be deciphered without knowledge of the key or keys used to encrypt it. Depending on the encryption algorithm, either symmetric or asymmetric keys are used; both kinds of keys were discussed in the preceding sections of this chapter.
This part of the chapter will cover the following:
The type of keying used affects how encryption is performed. With a symmetric keying algorithm, data is encrypted and decrypted with the same key. With an asymmetric keying algorithm, the public key is used to encrypt the data and the corresponding private key is used to decrypt it. We have seen the advantage of asymmetric key algorithms for encryption: you can freely send the public key across a public network and have a remote device use it to encrypt data sent to you. An attacker who sees the public key gains nothing, because only the corresponding private key can decrypt the data.
However, because the mathematics behind asymmetric algorithms make encryption and decryption very slow, asymmetric keying is typically reserved for identity authentication and key exchange, and symmetric keying is used for bulk data encryption. For this reason, the following sections focus only on encryption algorithms that use symmetric keys.
VPN devices, especially VPN gateways, commonly offload encryption processes to a hardware module to speed up the encryption and decryption of packets.
One main problem with symmetric encryption algorithms, though, is that the same key must be used at the source and the destination, and sharing that key is problematic. If you send the key across the network to a peer, an eavesdropping attacker can capture it and decrypt your messages. You could pre-share the key out of band, but then rotating it periodically for better security becomes a management headache. The "Key Exchange" section later in the chapter examines this issue in more depth.
Many encryption algorithms have been developed that use symmetric keys. These algorithms include the following:
The following sections will discuss some of the more common algorithms used by VPN implementations.
DES and 3DES Algorithms
DES and 3DES are very popular encryption algorithms used by VPN implementations. DES, originally named Lucifer, was developed at IBM in the early 1970s. The NSA and the National Bureau of Standards (NBS, now NIST) modified Lucifer, resulting in DES, which is a federal standard defined in FIPS 46-3 and ANSI X3.92.
DES is a block cipher: it takes a fixed-length 64-bit block of plaintext and, under a symmetric key, converts it into a 64-bit block of ciphertext. The key is 64 bits long, but because 8 of those bits are used for parity, the effective key length is 56 bits. Decryption runs the process in reverse on the ciphertext block with the same symmetric key, recovering the original clear-text block.
No practical shortcut has been found for breaking DES; the known analytic attacks (differential and linear cryptanalysis) need far more chosen or known plaintext than a real attacker can collect, so exhaustive search of the key space has proven to be the best option. There are 2^56 possible keys, and DES's complementation property lets an attacker with chosen plaintext cut the search to about 2^55 trial encryptions. DES was broken in 1998 by the EFF's purpose-built DES cracker in 56 hours, and again in 1999 in about 22 hours by that machine working together with a network of distributed computers. On top of this, specialized hardware can be built to break DES even more quickly . . . in less than 1 hour!
Because computers were becoming more and more powerful during the 1980s and 1990s, and because DES had been shown to be crackable in a reasonable amount of time, NIST standardized 3DES in 1999 (in FIPS 46-3). 3DES is basically an enhanced version of DES: it applies DES three times, in an encrypt-decrypt-encrypt sequence, with three different 56-bit keys, for a nominal key length of 168 bits. Its real strength is lower than the key length suggests: a meet-in-the-middle attack reduces the work to roughly 2^112 operations, so three-key 3DES is credited with about 112 bits of security rather than 168. That is still far beyond any brute force approach, no practical break of three-key 3DES has been documented, and this strength is sufficient for most current applications. One caveat a practitioner should keep in mind is that 3DES inherits DES's 64-bit block size, which limits how much data should be protected under a single key before it is changed.
3DES is generally used with three independent keys (168-bit keying), but if the first key is reused as the third (K1, K2, K1) the key is only 112 bits and the security is lower still. Some vendors do not use a third unique key but still call their implementation 3DES. Although 3DES is about three times slower than DES in software, the speed difference is barely noticeable when performed in hardware.
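The meet-in-the-middle attack is the reason DES was tripled rather than doubled, and the reason three-key 3DES is rated at roughly 2^112 work instead of 2^168. The following is an added worked example, not code from this book or from any DES implementation: it substitutes a constructed 16-bit Feistel "toy" cipher with 8-bit keys for DES so the whole search runs in seconds, then recovers both keys of a double encryption from a few constructed known-plaintext pairs. The toy cipher, the key pair (0x3C, 0xA7) and the plaintext blocks are all assumptions made for the demonstration.

```python
"""Meet-in-the-middle against double encryption with a toy block cipher.

Constructed example: a 16-bit, 4-round Feistel cipher with 8-bit keys
stands in for DES. Double encryption has a 16-bit key pair, but the
attack needs only about 2 * 2^8 cipher calls, not 2^16 key trials.
"""

ROUNDS = 4
CALLS = {"cipher": 0}   # counts single-cipher invocations for the comparison


def _f(r: int, rk: int) -> int:
    """Round function: key mixing, a non-linear step (mod 256), a rotation."""
    x = (r ^ rk) & 0xFF
    x = (x * 0x9D + 0x3B) & 0xFF        # multiply mod 256: non-linear over GF(2)
    x = ((x << 3) | (x >> 5)) & 0xFF    # rotate left by 3
    return x ^ ((x * 0x25) & 0xFF)


def _round_key(key: int, i: int) -> int:
    """i-th 8-bit round key: rotate the key left i bits, xor a round constant."""
    rot = ((key << i) | (key >> (8 - i))) & 0xFF
    return rot ^ ((0x5C * (i + 1)) & 0xFF)


def toy_encrypt(block: int, key: int) -> int:
    """Encrypt one 16-bit block (left half | right half) under an 8-bit key."""
    CALLS["cipher"] += 1
    l, r = (block >> 8) & 0xFF, block & 0xFF
    for i in range(ROUNDS):
        l, r = r, l ^ _f(r, _round_key(key, i))
    return (l << 8) | r


def toy_decrypt(block: int, key: int) -> int:
    """Inverse of toy_encrypt: same rounds, round keys in reverse order."""
    CALLS["cipher"] += 1
    l, r = (block >> 8) & 0xFF, block & 0xFF
    for i in reversed(range(ROUNDS)):
        l, r = r ^ _f(l, _round_key(key, i)), l
    return (l << 8) | r


def double_encrypt(block: int, k1: int, k2: int) -> int:
    """'Double DES' analogue: encrypt under k1, then under k2."""
    return toy_encrypt(toy_encrypt(block, k1), k2)


def known_pairs(k1: int, k2: int, plaintexts=(0x1234, 0xBEEF, 0x0F0F)):
    """Constructed known-plaintext/ciphertext pairs the attacker is assumed to hold."""
    return [(p, double_encrypt(p, k1, k2)) for p in plaintexts]


def brute_force(pairs):
    """Naive search over all 2^16 (k1, k2) pairs: at least 2^17 cipher calls."""
    return [(k1, k2) for k1 in range(256) for k2 in range(256)
            if all(double_encrypt(p, k1, k2) == c for p, c in pairs)]


def meet_in_the_middle(pairs):
    """Recover (k1, k2) with about 2 * 2^8 cipher calls.

    Encrypt the first plaintext under every k1 and tabulate the middle
    values, decrypt the first ciphertext under every k2 and look each
    result up. Candidates are confirmed against the remaining pairs to
    discard accidental collisions in the 16-bit middle value.
    """
    p0, c0 = pairs[0]
    middle = {}
    for k1 in range(256):
        middle.setdefault(toy_encrypt(p0, k1), []).append(k1)
    found = []
    for k2 in range(256):
        for k1 in middle.get(toy_decrypt(c0, k2), ()):
            if all(double_encrypt(p, k1, k2) == c for p, c in pairs[1:]):
                found.append((k1, k2))
    return found


if __name__ == "__main__":
    K1, K2 = 0x3C, 0xA7                     # assumed secret keys
    pairs = known_pairs(K1, K2)
    CALLS["cipher"] = 0
    print("meet-in-the-middle:", meet_in_the_middle(pairs), "cipher calls:", CALLS["cipher"])
    CALLS["cipher"] = 0
    print("brute force:       ", brute_force(pairs), "cipher calls:", CALLS["cipher"])
```

Scaled up to DES, the same table-and-lookup approach turns double DES's 112-bit key pair into about 2^57 work (plus a large table), which is why a third stage was needed; applied to three-key 3DES it leaves roughly 2^112 work, the figure the 112-bit security rating comes from.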
DES and 3DES have the following advantages as encryption algorithms:
Despite these advantages, DES and 3DES have the following disadvantages:
Expecting that computing power would eventually catch up with 3DES and make it feasible to break, NIST replaced DES and 3DES with the Advanced Encryption Standard (AES), which became effective as FIPS 197 in 2002. AES is more secure than 3DES and, based on the historical growth of computing power, was expected to have a security lifetime of about 10 to 20 years.
The new algorithm was chosen through an open competition; its five finalists were MARS, RC6, Rijndael, Serpent, and Twofish. Twofish is a successor to the Blowfish algorithm (which accepts keys of up to 448 bits); Twofish itself uses 128-, 192-, or 256-bit keys, needs very little memory, and is very fast, but its cipher structure is complex, making it difficult to analyze how hard, or easy, it is to break. Rijndael uses key lengths of 128, 192, and 256 bits and block sizes of 128, 192, and 256 bits (the AES standard fixes the block size at 128 bits). It is very flexible and easy to implement. Rijndael won the competition and is now what we know as AES.
AES is a symmetric block cipher with a 128-bit block that supports 128-, 192-, and 256-bit keys. Each round consists of four stages (SubBytes, ShiftRows, MixColumns, and AddRoundKey), and the round is repeated 10 times for 128-bit keys, 12 times for 192-bit keys, and 14 times for 256-bit keys. At first you might think this would be more process-intensive than something like 3DES, but AES was designed for efficient implementation and is actually less CPU-intensive. Moreover, each step up in key size adds only two rounds, so the CPU cost does not grow linearly with the key size: a 256-bit key costs about 40 percent more than a 128-bit key (14 rounds versus 10) for a vastly larger key space, giving better security without sacrificing performance. Many VPN implementations, such as IPsec, are moving toward AES for their data encryption functions.