RFC 1968 (rfc1968) - Page 2 of 11
The PPP Encryption Control Protocol (ECP)
Alternative Format: Original Text Document
RFC 1968 PPP Encryption June 1996
Table of Contents
1. Introduction ........................................... 2
2. Encryption Control Protocol (ECP) ...................... 2
2.1 Sending Encrypted Datagrams ....................... 3
3. Additional Packets ..................................... 4
3.1 Reset-Request and Reset-Ack ....................... 5
4. ECP Configuration Options .............................. 6
4.1 Proprietary Encryption OUI ........................ 7
4.2 Publicly Available Encryption Types ............... 8
4.3 Negotiating an Encryption Algorithm ............... 9
5. Security Considerations ................................ 10
1. Introduction
In order to establish communications over a PPP link, each end of the
link must first send LCP packets to configure and test the data link
during Link Establishment phase. After the link has been
established, optional facilities may be negotiated as needed.
One such facility is data encryption. A wide variety of encryption
methods may be negotiated, although typically only one method is used
in each direction of the link.
A different encryption algorithm may be negotiated in each direction,
for speed, cost, memory or other considerations.
2. Encryption Control Protocol (ECP)
The Encryption Control Protocol (ECP) is responsible for configuring
and enabling data encryption algorithms on both ends of the point-
to-point link.
ECP uses the same packet exchange mechanism as the Link Control
Protocol (LCP). ECP packets may not be exchanged until PPP has
reached the Network-Layer Protocol phase. ECP packets received
before this phase is reached should be silently discarded.
The Encryption Control Protocol is exactly the same as LCP [1] with
the following exceptions:
Frame Modifications
The packet may utilise any modifications to the basic frame
format which have been negotiated during the Link Establishment
phase.
Meyer Standards Track
