Symmetric algorithm – modes of operation

Symmetric encryption can use a stream cipher, which encrypts data one bit at a time; this is easy to crack and is much slower than a block cipher. A block cipher mode takes blocks of data depending on the key and encrypts that data in blocks, which makes the encryption of a large amount of data much faster.

In an L2TP/IPsec VPN tunnel, we have a choice of three different versions of symmetric encryption: the weakest is DES, which has a 56-bit key, followed by Triple DES (3DES), which has a 168-bit key. The most secure is AES, as it can go from 128 bits up to 256 bits. Remember, symmetric encryption has only one key. It is much faster for encrypting a larger amount of data, but it needs Diffie-Hellman, an asymmetric ...
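An added example (not from the book): a Python check that reads strongSwan-style `ike=`/`esp=` proposal lines and reports which connections still offer DES or 3DES, using the key sizes listed above. The configuration text and connection names are constructed, and flagging everything other than AES as weak is this example's assumption.

```python
import re

# Nominal key sizes in bits, as listed in the text above.
KEY_BITS = {"des": 56, "3des": 168, "aes128": 128, "aes192": 192, "aes256": 256}
WEAK = {"des", "3des"}  # assumption of this example: only AES is acceptable

# Constructed sample in strongSwan ipsec.conf style (not from the book).
SAMPLE_CONF = """
conn l2tp-legacy
    type=transport
    ike=3des-sha1-modp1024,aes128-sha1-modp2048
    esp=des-md5
conn l2tp-current
    type=transport
    ike=aes256-sha256-modp2048!
    esp=aes256-sha256!
"""

def audit_proposals(conf_text):
    """Return (conn, setting, cipher, key_bits, status) for every offered cipher."""
    findings, conn = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()        # drop comments and indentation
        if line.startswith("conn "):
            conn = line.split(None, 1)[1]
            continue
        m = re.match(r"(ike|esp)\s*=\s*(.+)", line)
        if not m:
            continue
        setting, value = m.group(1), m.group(2).rstrip("!")  # "!" = strict flag
        for proposal in value.split(","):          # one line may offer several
            cipher = proposal.strip().split("-")[0].lower()
            bits = KEY_BITS.get(cipher)            # None: cipher not covered in the text
            status = "weak" if cipher in WEAK else "ok" if bits else "unknown"
            findings.append((conn, setting, cipher, bits, status))
    return findings

def connections_offering_weak(conf_text):
    """Connections where a peer could still negotiate DES or 3DES."""
    return sorted({f[0] for f in audit_proposals(conf_text) if f[4] == "weak"})

if __name__ == "__main__":
    for conn, setting, cipher, bits, status in audit_proposals(SAMPLE_CONF):
        print(f"{conn:13} {setting:3} {cipher:7} {bits} bits  {status}")
    print("offering weak ciphers:", connections_offering_weak(SAMPLE_CONF))
```

A connection is reported even when a strong proposal sits beside the weak one, because the peer may pick either.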
