The Cisco IOS Cryptosystem uses four encryption technologies.

  1. The Data Encryption Standard (DES) is used to encrypt the data and to provide privacy.
  2. The Digital Signature Standard (DSS) is used to authenticate the peers.
  3. MD5, the one-way hash algorithm, is used within DSS for integrity and to create the digital signature.
  4. Diffie-Hellman is used to distribute the keys.

Once the encryption process has started between the two routers, every packet exchanged between them is encrypted, which provides privacy for that traffic.