Key-encryption-key (KEK)

A protocol in development by the IETF to support secure data exchange. Once completed, IPSec is expected to be widely deployed to implement virtual private networks (VPNs). IPSec supports two encryption modes: Transport and Tunnel. Transport mode encrypts the data portion (payload) of each packet but leaves the header untouched. Tunnel mode is more secure because it encrypts both the header and the payload. On the receiving side, an IPSeccompliant device decrypts each packet.
[view]

An encryption technique that protects entire communications circuits by creating a secure tunnel between two points. This is done by using either a hardware or software solution that encrypts all traffic entering one end of the tunnel and decrypts all traffic exiting the other end of the tunnel. Encryption of information between nodes of a communications system. The application of online cryptooperations to a link of a communications system so that all information passing over the link is encrypted in its entirety.
[view]

A network connection established between two systems over an existing private or public network. A VPN provides confidentiality and integrity for network traffic through the use of encryption. A secure private network that uses the public telecommunications infrastructure to transmit data. In contrast to a much more expensive system of owned or leased lines that can only be used by one company, VPNs are used by enterprises for both extranets and wide are intranets. Using encryption and authentication, a VPN encrypts all data that passes between two Internet points, maintaining privacy and security. Protected information system link utilizing tunneling, security controls (. See information assurance), and endpoint address translation giving the impression of a dedicated line.
[view]

Advanced Encryption StandardAdvanced Encryption Standard, a new encryption standard, whose development and selection was sponsored by NIST, that will support key lengths of 128, 192, and 256 bits. FIPS approved cryptographic algorithm that is a symmetric block cipher using cryptographic key sizes of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits. The encryption standard selected in October 2000 by the National Institute of Standards and Technology (NIST) that is based on the Rijndael cipher.
[view]

The simplest encryption mode to understand and the least secure. Each time the algorithm processes a 64-bit block, it simply encrypts the block using the chosen secret key. This means that if the algorithm encounters the same block multiple times, it produces the same encrypted block.
[view]