Does pppd encrypt traffic?

Question

There is pppd program that can be used to create point-to-point conections over various channels (including other network).

It supports authentication and compression. But does it encrypt traffic or encryption is only used at authentication phase? Where can I see the algorithm and key size?

score 1 · Accepted Answer · edited Oct 07 '21 at 06:58

1

PPP has several extensions for that, e.g. RFC 1968 and Microsoft's MPPE. At least this pppd for Linux knows how to use MPPE, provided that the kernel was configured to support it (the bulk encryption work is done in the kernel). See the man page for how to configure algorithms and key size.

Of course, you will get encryption only if both ends of the link support it.

edited Oct 07 '21 at 06:58

Community

1

answered Feb 18 '13 at 19:13

Tom Leek

170,038
29
342
480

Is MPPE's algorithm secure engouh by today's standards? In the manual there is info about 40-bit and 128-bit modes while I typically see "AES 256 bits" as example of secure algorithm... – Vi. Feb 18 '13 at 19:18
**128 bits are enough**; see [this](http://security.stackexchange.com/questions/6141/amount-of-simple-operations-that-is-safely-out-of-reach-for-all-humanity/6149#6149). However, this does not mean that MPPE is "secure enough", only that key size will not be the issue. Bruce Schneier has [some things to say on MPPE and MS-CHAPv2](http://www.schneier.com/paper-pptpv2.html). – Tom Leek Feb 18 '13 at 19:34

Does pppd encrypt traffic?

1 Answers1