The ability to network devices comes the risk of outsiders obtaining access to important and confidential information. Security can be realized through various encryption methods.
There are two main types of encryption: asymmetric encryption (also known as public-key encryption) and symmetric encryption. There are many algorithms for encrypting data based on these types.
- AES (Advanced Encryption Standards) is a popular and powerful encryption standard that has not been broken. Select Lantronix device servers feature a NIST-certified implementation of AES as specified by the Federal Information Processing Specification (FIPS-197). This standard specifies Rijndael as a FIPS-approved symmetric encryption algorithm that may be used to protect sensitive information. A common consideration for device networking devices is that they support AES and are validated against the standard to demonstrate that they properly implement the algorithm. It is important that a validation certificate is issued to the product’s vendor which states that the implementation has been tested.
- Secure Shell Encryption
- Secure Shell (SSH) is a program that provides strong authentication and secure communications over unsecured channels. It is used as a replacement for Telnet, rlogin, rsh, and rcp, to log into another computer over a network, to execute commands in a remote machine, and to move files from one machine to another. AES is one of the many encryption algorithms supported by SSH. Once a session key is established SSH uses AES to protect data in transit.
Both SSH and AES are extremely important to overall network security by maintaining strict authentication for protection against intruders as well as symmetric encryption to protect transmission of dangerous packets. AES certification is reliable and can be trusted to handle the highest network security issues.
- Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs) which are defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN, however LANs provide more security by their inherent physical structure that can be protected from unauthorized access. WLANs, which are over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP provides security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the data link and physical layers of the OSI model and does not offer end-to-end security.
- Supported by many newer devices, Wi-Fi Protected Access (WPA) is a Wi-Fi standard that was designed to improve upon the security features of WEP. WPA technology works with existing Wi-Fi products that have been enabled with WEP, but WPA includes two improvements over WEP. The first is improved data encryption via the temporal key integrity protocol (TKIP), which scrambles keys using a hashing algorithm and adds an integrity-checking feature to ensure that keys haven’t been tampered with. The second is user authentication through the extensible authentication protocol (EAP). EAP is built on a secure public-key encryption system, ensuring that only authorized network users have access. EAP is generally missing from WEP, which regulates access to a wireless network based on the computer’s hardware-specific MAC Address. Since this information can be easily stolen, there is an inherent security risk in relying on WEP encryption alone.