SonicWALL Internet Security Appliances User Manual

Appendices Page 277

Data Encryption Standard (DES)

When DES is used for data communications, both sender and receiver must know the same
secret key, which can be used to encrypt and decrypt the message, or to generate and verify a
message authentication code. The SonicWALL DES encryption algorithm uses a 56-bit key.

The SonicWALL VPN DES Key must be exactly 16 characters long and consist of
hexadecimal characters. Valid hexadecimal characters are "0" to "9", and "a" to "f" inclusive (0,
1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f). For example, a valid key would be 1234567890abcdef.

ARCFour

ARCFour is used for communications with secure Web sites using the SSL protocol. Many banks
use a 40-bit ARCFour key for online banking, while others use a 128-bit key. SonicWALL VPN
uses a 56-bit key for ARCFour.

ARCFour is faster than DES for several reasons. First, it is a newer encryption mechanism than
DES. As a result, it benefits from advances in encryption technology. Second, unlike DES, it is
designed to encrypt data streams, rather than static storage.

The SonicWALL VPN ARCFour key must be exactly 16 characters long and consist of
hexadecimal characters. Valid hexadecimal characters are "0" to "9", and "a" to "f" inclusive (0,
1, 2, 3, 4, 5, 6, 7, 8, 9, a, b, c, d, e, f). For example, a valid key would be 1234567890abcdef.

Strong Encryption (Triple DES)

Strong Encryption, or Triple DES (3DES), is a variation on DES that uses a 168-bit key. As a
result, 3DES is dramatically more secure than DES, and is considered to be virtually
unbreakable by security experts. It also requires a great deal more processing power, resulting
in increased latency and decreased throughput.

The SonicWALL 3DES Key must be exactly 24 characters long and consist of hexadecimal
characters. Valid hexadecimal characters are "0" to "9", and "a" to "f" inclusive (0, 1, 2, 3, 4, 5,
6, 7, 8, 9, a, b, c, d, e, f). For example, a valid key would be 1234567890abcdef12345678.

Security Parameter Index (SPI)

The SPI is used to establish a VPN tunnel. The SPI is transmitted from the remote VPN gateway
to the local VPN gateway. The local VPN gateway then uses the network, encryption and keys
associated with the SPI to establish the tunnel.

The SPI must be unique, from one to eight characters long, and consist of hexadecimal
characters. Valid hexadecimal characters are "0" to "9", and "a" to "f" inclusive (0, 1, 2, 3, 4, 5,
6, 7, 8, 9, a, b, c, d, e, f). For example, valid SPIs would be 999 or 1234abcd.
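
The following is an added example, not SonicWALL code: a Python audit of manually keyed VPN entries against the key and SPI rules in this appendix, which also flags the manual's own example keys and keys with little digit variety. The dict field names, the MIN_DISTINCT threshold and the sample entries are assumptions, as is comparing SPIs numerically so that leading zeros do not hide a duplicate.

```python
import re
from collections import Counter

# Key lengths in hex characters, as stated in this appendix.
KEY_LEN = {"des": 16, "arcfour": 16, "3des": 24}
# Example keys printed in the manual; anyone holding the document knows them.
DOC_KEYS = {"1234567890abcdef", "1234567890abcdef12345678"}
HEX = re.compile(r"[0-9a-f]+")  # the appendix lists lowercase a-f only
MIN_DISTINCT = 8  # assumed audit threshold, not a SonicWALL rule


def spi_value(spi):
    """Numeric SPI, or None if it is not 1-8 hex characters."""
    return int(spi, 16) if HEX.fullmatch(spi) and len(spi) <= 8 else None


def audit(sas):
    """Return (name, problem) findings for a list of manual-key SA dicts."""
    seen = Counter(v for v in map(spi_value, (sa["spi"] for sa in sas)) if v is not None)
    findings = []
    for sa in sas:
        name, key, want = sa["name"], sa["key"], KEY_LEN.get(sa["cipher"])
        if want is None:
            findings.append((name, "unknown cipher"))
        elif not HEX.fullmatch(key):
            findings.append((name, "key has characters outside 0-9, a-f"))
        elif len(key) != want:
            findings.append((name, f"key must be exactly {want} characters"))
        elif key in DOC_KEYS:
            findings.append((name, "key is the manual's example key"))
        elif len(set(key)) < MIN_DISTINCT:
            findings.append((name, "key has few distinct digits"))
        value = spi_value(sa["spi"])
        if value is None:
            findings.append((name, "SPI must be 1-8 hex characters"))
        elif seen[value] > 1:
            findings.append((name, "SPI is not unique"))
    return findings


# Constructed sample entries; names, keys and SPIs are made up for the example.
SAMPLE = [
    {"name": "branch-a", "cipher": "3des", "key": "9f3c1a7be04d5826c1d7a3f0", "spi": "1234abcd"},
    {"name": "branch-b", "cipher": "des", "key": "1234567890abcdef", "spi": "999"},
    {"name": "branch-c", "cipher": "arcfour", "key": "00000000000000a1", "spi": "0999"},
    {"name": "branch-d", "cipher": "des", "key": "9F3C1A7BE04D5826", "spi": "123456789"},
]
```

Calling `audit(SAMPLE)` returns no findings for branch-a and two each for the other three entries.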
