The process where the data is encoded such that it can only be read by the computer authorized for decoding is known as encryption. Encryption can be used for protecting the files present on the computer or for securing the information sent over the internet. The encryption key is something which informs the computer about the computations to perform over the data to encode or decode it. The commonly used encryption techniques are public key encryption and symmetric key encryption.
- Public key encryption- In this, each user has a pair of private-public key. The user uses his/her private key to encode a particular data and the other user then uses the public key which came in the pair to decode it.
- Symmetric key encryption- In this, each user shares the same key with other users to encode or decode the data present on the computer.
In a Virtual private network, data entering the tunnel gets encrypted. This encrypted data travels its length in the encrypted form, only to be decrypted at the end of the tunnel and then reach the destination. Now, since VPN is complex, it requires multiple pair of keys, such that encryption can be done efficiently. That’s where the protocols kick in! A site to site VPN uses either GRE (Generic Routing Encapsulation) or IPSec (Internet Protocol Security) protocol. The GRE protocol typically gives the framework for packaging the passenger protocols, which are to be transported over the IP. This framework gives info related to the type of packet to be encapsulated and the strength of the connection between the receiver and the sender.
IPSec protocol secures the traffic on the internet protocol network while encrypting the data between devices like routers, firewalls, servers and desktops. IPSec makes use of two sub protocols which help the VPN get instructions on ways of securing the packets passed over it.
- Authentication Header- Also known as AH, this makes use of a hashing on the header to hide a part of packet information until it reaches its destination
- Encapsulated Security Payload- Also known as ESP, this protocol encrypts the payload for a packet using a symmetric key.
IPSec is used by networked devices using two encryption modes
- Transport mode- In this, the devices themselves encrypt the data which travels through them
- Tunnel mode- In this, the devices generate a virtual tunnel.
VPNs typically use IPSec in a tunnel mode under protocols IPSec AH and IPSEC ESC. For remote access VPN, tunneling process relies on PPP (point to point protocol). The three protocols based on the point to point protocol include-
- Layer to Forwarding- This uses the authentication scheme ably supported by PPP. It has been developed by Cisco technologies
- Point to point Tunneling- This supports the 40 and 128 bit encryptions along with the authentication schemes supported by PPP
- Layer to Tunneling- This protocol combines the Layer to forwarding and Point to point tunneling protocol features.
These are the protocols and encryptions used in VPN. If you wish to take service of a good VPN service provider, we would request you to go through the ExpressVPN review and take an informed decision. Did we do a good job in explaining the encryption and protocols used?