Traffic Encryption (SunScreen SKIP User's Guide, Release 1.1)

SunScreen SKIP User's Guide, Release 1.1

Previous: The Namespace Identifiers (NSID)
Next: Authentication of SKIP Packets

Traffic Encryption

Traffic is encrypted using conventional symmetric key cryptography, such as RC2, RC4, DES, and the like. The user installs SunScreen SKIP, which has the algorithm packages that are required. Traffic encryption keys are changed based on the volume of data and the length of time a key is used.

There is a tool with a GUI to control how often you want the traffic encryption keys changed. As shipped, the default is to change traffic keys after every 512K bytes of data or after being used for 30 seconds; traffic keys are deleted after being unused for 30 seconds. You can change these values to meet the security needs of your site. This tool is discussed in detail in Chapter 3.

It is important to change the traffic encryption keys frequently enough so that cracking a key will leave little data, and yet not so frequently so that reconfiguring the keys incurs excessive overhead.

Previous: The Namespace Identifiers (NSID)
Next: Authentication of SKIP Packets