Link encryption

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Link encryption is an approach to communications security that encrypts and decrypts all traffic at each network routing point (e.g. network switch, or node through which it passes) until arrival at its final destination. This repeated decryption and encryption is necessary to allow the routing information contained in each transmission to be read and employed further to direct the transmission toward its destination, before which it is re-encrypted. This contrasts with end-to-end encryption where internal information, but not the header/routing information, are encrypted by the sender at the point of origin and only decrypted by the intended receiver.

Link encryption offers a couple of advantages:

  • encryption is automatic so there is less opportunity for human error.
  • if the communications link operates continuously and carries an unvarying level of traffic, link encryption defeats traffic analysis.

On the other hand, end-to-end encryption ensures only the recipient sees the plaintext.

Link encryption can be used with end-to-end systems by superencrypting the messages.

Bulk encryption refers to encrypting a large number of circuits at once, after they have been multiplexed.

References[edit]