Difference between pages "Serpent" and "VPN"

From ForensicsWiki
(Difference between pages)
m (Corrections)
 
m (VPNs and anonymity)
 
Line 1: Line 1:
{{Expand}}
+
{{expand}}
  
'''Serpent''' is an [[encryption]] algorithm designed by Ross Anderson, Eli Biham and Lars Knudsen as a candidate for the Advanced Encryption Standard [[AES]] competition, where it got second place with 59 votes ([[Rijndael]] got 86 votes, and was selected by [[NIST]] as the [[AES]]).
+
'''VPN''' (Virtual Private Network) is a class of technology that allows remote machines to interconnect by creating a virtual network layer, on top of the physical network connection, that in practice is used to maintain the privacy of data shared over this virtual network connection (essentially all VPN toolsets use some form of packet-level [[encryption]]). There are many different modern implementations of the VPN concept itself, to the point where categorizing them together becomes somewhat questionable.  
  
Serpent uses a block size of 128 bits and supports a key size of 128, 192 or 256 bits.
+
== Overview ==
  
Serpent and Rijndael are somewhat similar. The main difference is that Rijndael has fewer rounds (10, 12 or 14 (depending on key size) compared to 32 for Serpent), hence it is faster. Arguably, Serpent is more secure.
+
Virtual Private Networks are deployed by organizations and individuals for different purposes:
  
Serpent is available as public domain, and can be freely used by anyone.
+
* Protecting confidential information in organizations (for example, when connecting geographically distant office networks);
 +
* Providing "work from home" or traveling employees with secure remote access to office network resources;
 +
* Securing general Internet traffic in particularly insecure network usage settings (e.g. open wireless networks);
 +
* Encrypting all internet traffic to and from a home connection, to prevent ISP packet shaping and/or surveillance (i.e. [http://www.torrentfreedom.net Torrentfreedom Privacy]).
  
== External Links ==
+
When used for Internet connectivity, VPN service also acts as a form of proxy and protects the user's real IP address from public display. As a result, they are an increasingly popular form of anonymity protection for ordinary internet users and criminals.
  
[http://www.cl.cam.ac.uk/~rja14/serpent.html Serpent Cipher Homepage]
+
== VPNs and anonymity ==
[http://en.wikipedia.org/wiki/Serpent_(cipher) Wikipedia article on Serpent]
+
 
 +
* Log files: VPN services may maintain usage logs which could then be used to track the activities of the user of those services, after the fact. However some commercial consumer-oriented VPN services specifically configure their servers not to retain any logfile information of this type. Example are [[Cryptocloud VPN]] or [[iVPN]].
 +
 
 +
* Protocol stack: [[TCP timestamps]] and IP ID values may be used in correlating incoming (encrypted) and outgoing (unencrypted) network streams. This type of "traffic analysis" can, in theory, be used to gather information about a fully-encrypted VPN connection - in practice, there are no known public examples of traffic analysis being used against commercial VPN service providers.
 +
 
 +
== See Also ==
 +
 
 +
* [[iVPN]]
 +
* [[Cryptocloud VPN]]
 +
* [[Tor]]
 +
* [[Proxy server]]
 +
 
 +
[[Category:Anti-Forensics]]
 +
[[Category:Network Forensics]]
 +
[[Category:Encryption]]
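
Review bot: In the "Log files" bullet added under "VPNs and anonymity", "Example are" should read "Examples are", and the statement that [[Cryptocloud VPN]] and [[iVPN]] retain no logfile information carries no citation; add a reference or word it as the providers' own claim. The "no known public examples of traffic analysis" sentence in the "Protocol stack" bullet needs a source for the same reason. In the Overview list, "i.e." before the Torrentfreedom link introduces an example, so "e.g." is the correct abbreviation.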

Latest revision as of 08:25, 27 April 2011


Please help to improve this article by expanding it.
Further information might be found on the discussion page.

VPN (Virtual Private Network) is a class of technology that allows remote machines to interconnect by creating a virtual network layer, on top of the physical network connection, that in practice is used to maintain the privacy of data shared over this virtual network connection (essentially all VPN toolsets use some form of packet-level encryption). There are many different modern implementations of the VPN concept itself, to the point where categorizing them together becomes somewhat questionable.

Overview

Virtual Private Networks are deployed by organizations and individuals for different purposes:

  • Protecting confidential information in organizations (for example, when connecting geographically distant office networks);
  • Providing "work from home" or traveling employees with secure remote access to office network resources;
  • Securing general Internet traffic in particularly insecure network usage settings (e.g. open wireless networks);
  • Encrypting all internet traffic to and from a home connection, to prevent ISP packet shaping and/or surveillance (e.g. Torrentfreedom Privacy).

When used for Internet connectivity, a VPN service also acts as a form of proxy and protects the user's real IP address from public display. As a result, VPN services are an increasingly popular form of anonymity protection for ordinary internet users and criminals.

VPNs and anonymity

  • Log files: VPN services may maintain usage logs which could then be used to track the activities of the user of those services, after the fact. However, some commercial consumer-oriented VPN services specifically configure their servers not to retain any logfile information of this type. Examples are Cryptocloud VPN or iVPN.
  • Protocol stack: TCP timestamps and IP ID values may be used in correlating incoming (encrypted) and outgoing (unencrypted) network streams. This type of "traffic analysis" can, in theory, be used to gather information about a fully-encrypted VPN connection - in practice, there are no known public examples of traffic analysis being used against commercial VPN service providers.
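
The clock comparison behind the "Protocol stack" item, as an added example that is not part of the original wiki article: for flows whose TCP headers are visible to the examiner, it fits TSval against capture time and treats two flows as coming from the same TCP stack when tick rate and offset agree. The sample flows, tolerances and function names are constructed for illustration; a stack that randomizes the timestamp offset per connection defeats the offset comparison.

```python
from statistics import mean

def unwrap(tsvals):
    """Undo 32-bit TSval wraparound so values increase monotonically."""
    out, add = [], 0
    for i, v in enumerate(tsvals):
        if i and v + add < out[-1] - 2**31:
            add += 2**32
        out.append(v + add)
    return out

def fit_clock(samples):
    """Least-squares fit TSval = rate * t + offset -> (rate_hz, offset_ticks)."""
    if len(samples) < 2:
        raise ValueError("need at least two packets per flow")
    ts = [t for t, _ in samples]
    vs = unwrap([v for _, v in samples])
    t_bar, v_bar = mean(ts), mean(vs)
    sxx = sum((t - t_bar) ** 2 for t in ts)
    if sxx == 0:
        raise ValueError("packets share one capture time")
    rate = sum((t - t_bar) * (v - v_bar) for t, v in zip(ts, vs)) / sxx
    return rate, v_bar - rate * t_bar

def same_clock(flow_a, flow_b, rate_tol=0.01, offset_tol_s=0.5):
    """True when both flows fit one timestamp clock (same rate and offset)."""
    rate_a, off_a = fit_clock(flow_a)
    rate_b, off_b = fit_clock(flow_b)
    if abs(rate_a - rate_b) / max(rate_a, rate_b) > rate_tol:
        return False          # different tick rates: different stacks
    # Offset gap converted from ticks to seconds of host clock.
    return abs(off_a - off_b) / rate_a <= offset_tol_s

# Constructed samples: (capture time in seconds, TSval) per packet.
FLOW_A = [(10.000, 5010000), (10.520, 5010519), (11.310, 5011308), (12.070, 5012071)]
FLOW_B = [(10.200, 5010201), (11.000, 5010998), (11.900, 5011902)]     # same host as A
FLOW_C = [(10.100, 902525), (10.900, 902725), (11.700, 902925)]        # 250 Hz clock
FLOW_D = [(10.300, 86410300), (11.100, 86411100), (12.000, 86412000)]  # other offset
FLOW_WRAP = [(1.0, 4294967000), (2.0, 704), (3.0, 1704)]               # TSval wraps

if __name__ == "__main__":
    for name, flow in [("B", FLOW_B), ("C", FLOW_C), ("D", FLOW_D)]:
        print(f"A vs {name}: same clock = {same_clock(FLOW_A, flow)}")
```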

See Also