Please Whitelist This Site?
I know everyone hates ads. But please understand that I am providing premium content for free that takes hundreds of hours of time to research and write. I don't want to go to a pay-only model like some sites, but when more and more people block ads, I end up working for free. And I have a family to support, just like you. :)
If you like The TCP/IP Guide, please consider the download version. It's priced very economically and you can read all of it in a convenient format without ads.
If you want to use this site for free, I'd be grateful if you could add the site to the whitelist for Adblock. To do so, just open the Adblock menu and select "Disable on tcpipguide.com". Or go to the Tools menu and select "Adblock Plus Preferences...". Then click "Add Filter..." at the bottom, and add this string: "@@||tcpipguide.com^$document". Then just click OK.
Thanks for your understanding!
Sincerely, Charles Kozierok
Author and Publisher, The TCP/IP Guide
The PPP authentication protocols PAP and CHAP can be used to ensure that only authorized devices can establish a PPP connection. Once that is done, PPP normally provides no other security to the data being transmitted. In particular, all data is normally sent “in the clear” (unencrypted), making it easy for someone who intercepts it to read. For important data that must be kept secure, encryption prior to transmission is a good idea. This can be done at higher layers using something like IPSec, but PPP also provides an optional feature that allows data to be encrypted and decrypted at the data link layer itself.
Note: This topic is very similar in structure and content to the preceding one that covers PPP compression, because the features are implemented in a very similar way. For the benefit of those who may not be reading in sequence I have provided a standalone description in this topic, without assuming you have read the prior topic on compression. This means this topic may seem almost like “deja vu” if you just read the topic on CCP.
PPP data encryption is implemented using two protocol components:
ECP is usually the only part mentioned when encryption in PPP is discussed. ECP is in fact used only to configure and control the use of encryption; it is the algorithms that do the real work. This technique allows each implementation to choose what type of encryption they wish to use. The original ECP defined only a single encryption method, and a couple of others have since been added.
Key Concept: PPP includes an optional encryption feature, which provides privacy for data transported over PPP. A number of encryption algorithms are supported. To enable encryption, both devices on a PPP link use the PPP Encryption Control Protocol (ECP) to negotiate which algorithm to use. The selected algorithm is then used to encrypt and decrypt PPP data frames.