Abstract
The purpose of this document is to provide fundamental differences between link and end-to-end encryption techniques. Also included within this document is a description of traffic padding and what its fundamental purpose is. The last item that can be found within this document is a description of differences between a session key and a master key.
Content
Although similar, there is a major difference between end-to-end encryption and link encryption. Both end-to-end encryption and link encryption is used to ensure data being passed along a network is secure. For both end-to-end encryption and link encryption to work both sides need to have a prearranged key and algorithm established. End-to-end encryption works by encrypting the payload of a packet and leaves the header information unencrypted to allow for routing to be done without the need of decrypting the packet (Net Security, 2009). End-to-end encryption works between two end systems on a network. Link encryption works by having an encryption device on two ends of a communication path and encrypting everything that enters those encryption devices. Link encryption is good, however on a large network there is a need for numerous encryption devices (School of Electronics and Communications Engineering, 2009). Also for link encryption, a major disadvantage is that data needs to be decrypted before entering a network device. The major difference between link encryption and end-to-end encryption is that link encryption encrypts everything and end-to-end encryption only encrypts the payload of a packet and leaves the header information clear to allow for switching or routing.
What is traffic padding? Traffic padding is the ability to generate additional data and input that data into a data stream in order to make data analysis or data monitoring more difficult. Traffic padding can be found within encryption devices in order to make communications more secure. Traffic padding is used to ensure the confidentiality of private information is not compromised.
In order to best understand what the difference between a session key and a master key is, it is important to know about each. A session key is a key that is used to encrypt all communications between devices during an entire session. Once the session has been broken, a new session key needs to be generated in order to establish secure communications. A master key is a key that is used to create other keys from. Since a master key is used to create other keys from, it is important that a master key is handled appropriately and is stored in a secure location (Sibbald, 2008). A master key is used to create other keys, while a session key is a one-time use key that is used to ensure communications are secured during an entire session.
In conclusion, there are similarities between different types of encryption and different types of keys, but even though it seems they are the same there are differences. End-to-end encryption encrypts only the information within a body of a packet, whereas link encryption encrypts everything between two points. Traffic padding is used to ensure secure communications remain secure by generating pieces of information and placing that information into a data stream in order to make monitoring more difficult. A session key is used to ensure data is securing for the duration of a session between devices, whereas a master key is used to derive other keys from.
References
1. (2009, February 13th). Distributed end-to-end encryption of sensitive data with SecureData. Retrieved February 22, 2009, from Distributed end-to-end encryption of sensitive data with SecureData Web site: http://www.net-security.org/secworld.php?id=7045
2. (2009). Network Security. Retrieved February 22, 2009, from Network Security and Encryption Web site: [URL Removed Broken link]
3. Sibbald, Kern (2008, January 26th). Data Encryption. Retrieved February 22, 2009, from Bacula Web site: [URL Removed Broken link]