Layer 1, 2 and 3 encryption

Security only exists if confidentiality, integrity and authenticity are guaranteed

Reliable encryption protects the data in transit against:

  • Eavesdropping on the data (confidentiality), which is prevented by "simple encryption"
  • Modification of the data (integrity), which is prevented by a digital signature
  • Replay of the data (authenticity), which is prevented by uniquely marking the data with a counter

The AES encryption standard

The Advanced Encryption Standard (AES) is a symmetric encryption scheme that the National Institute of Standards and Technology (NIST) selected in 2000 as the successor to the Data Encryption Standard (DES). The underlying algorithm is also known as Rijndael, a name derived from those of its developers, Joan Daemen and Vincent Rijmen.

The algorithm uses a block size of 128 bits and a key length of 256 bits. The binary plaintext is combined with key material in several rounds and transformed repeatedly. The standard is resistant to both linear and differential cryptanalysis and thus offers complete protection of the data to be transmitted.

The advantages of Layer 1 encryption

Encryption on layer 1 of the OSI model enables secure transmission regardless of the protocols and applications being carried. Voice, data and video as well as the Ethernet, Fibre Channel, SDI and CPRI protocols can be securely encrypted. Encryption on layer 1 adds no overhead data and can be carried out at line speed with 100% data throughput. The available solutions encrypt data connections from 1 Gbps to 200 Gbps full duplex.

Significant advantages in data throughput when layer 2 encryption is used compared to layer 3.

The advantages of Layer 2 encryption

Encryption on layer 2 of the OSI model enables the secure transmission of unicast, multicast and broadcast data. Layer 2 encryption works transparently to VLAN, CoP and MPLS connections and is completely decoupled from all applications on higher layers. With its low overhead, Layer 2 encryption offers significant speed advantages compared to Layer 3-based encryption.

The security features of the encryption solutions at a glance

  • High data throughput with line speed (Layer 1)
  • AES (256 bit) encryption method with GCM
  • Integrity and replay protection of the transmitted data
  • Approved for classified information by the BSI according to VS-NfD (Layer 2)
  • Tamper-resistant design, tamper-proof key storage (Layer 2)
  • Compliant with the requirements of FIPS 140-2 L3 and CC EAL3 (Layer 2)
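
How AES-256 with GCM plus a frame counter yields the confidentiality, integrity and replay protection listed above, shown as an added example in Go that is not taken from the original page or from any product it describes. The frame layout, the names `newAEAD`, `Seal` and `Open`, and the strictly increasing counter are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

var ErrReplay = errors.New("counter not newer than last accepted frame")

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal builds header (4 zero bytes + 64-bit counter) || ciphertext || 16-byte tag.
func Seal(a cipher.AEAD, ctr uint64, payload []byte) []byte {
	hdr := make([]byte, 12) // doubles as the GCM nonce: never reuse a counter under one key
	binary.BigEndian.PutUint64(hdr[4:], ctr)
	return append(hdr, a.Seal(nil, hdr, payload, hdr)...)
}

// Open checks the tag (integrity), then the counter (replay); last is receiver state.
func Open(a cipher.AEAD, last *uint64, frame []byte) ([]byte, error) {
	if len(frame) < 12+a.Overhead() {
		return nil, errors.New("frame too short")
	}
	pt, err := a.Open(nil, frame[:12], frame[12:], frame[:12])
	if err != nil {
		return nil, err // modified frame or wrong key
	}
	if ctr := binary.BigEndian.Uint64(frame[4:12]); ctr > *last {
		*last = ctr
		return pt, nil
	}
	return nil, ErrReplay
}

func main() {
	a, _ := newAEAD(make([]byte, 32)) // constructed all-zero demo key
	last, frame := uint64(0), Seal(a, 1, []byte("constructed payload"))
	_, first := Open(a, &last, frame)
	_, replay := Open(a, &last, frame)
	fmt.Println(first, replay)
}
```

The strict comparison assumes frames arrive in order, as on a point-to-point link; a path that can reorder frames would need a sliding acceptance window instead.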

The advantages of Layer 3 encryption

Encryption on layer 3 of the OSI model enables the secure transmission of IP packets over a public transport network. The encryption is usually implemented in software, in the router or in the end device. Because of the software implementation, encryption on Layer 3 has the greatest latency and significant restrictions in data throughput. Many manufacturers of systems such as routers offer Layer 3 encryption as an option in their equipment without high additional costs.

