DESE-bis, PPP DES Data Encryption Standard Protocol
Protocol type: PPP encryption protocol.
Working groups: pppext, Point-to-Point Protocol Extensions.
The Data Encryption Standard (DES) Protocol provides an algorithm to encrypt PPP encapsulated packets.
The DES encryption algorithm is a well studied, understood and widely implemented encryption algorithm. The DES cipher was designed for efficient implementation in hardware, and consequently may be relatively expensive to implement in software. However, its pervasiveness makes it seem like a reasonable choice for a "model" encryption protocol.
While the US Data Encryption Standard (DES) algorithm provides multiple modes of use, this specification selects the use of only one mode in conjunction with the PPP Encryption Control Protocol (ECP): the Cipher Block Chaining (CBC) mode. In addition to the US Government publications cited above, the CBC mode is also discussed in [Schneier, B., "Applied Cryptography - Protocols Algorithms, and source code in C."], although no C source code is provided for it per se.
Once the ECP has reached the Opened state, the sender MUST NOT apply the encryption procedure to LCP packets nor ECP packets.
Data Encryption Standard.
(RFC 2419) The purpose of encrypting packets exchanged between two PPP implementations is to attempt to ensure the privacy of communication conducted via the two implementations. The encryption process depends on the specification of an encryption algorithm and a shared secret (usually involving at least a key) between the sender and receiver. Generally, the encryptor will take a PPP packet including the protocol field, apply the chosen encryption algorithm, and place the resulting cipher text (and in this specification, an explicit sequence number) in the information field of another PPP packet. The decryptor will apply the inverse algorithm and interpret the resulting plain text as if it were a PPP packet which had arrived directly on the interface.
[RFC 2419] The PPP DES Encryption Protocol, Version 2 (DESE-bis).
[RFC 1969] The PPP DES Encryption Protocol (DESE).