F. Recacha et al., SECURE DATA-TRANSMISSION IN EXTENDED ETHERNET ENVIRONMENTS, IEEE journal on selected areas in communications, 11(5), 1993, pp. 794-803
An extended Ethernet LAN is built connecting together several Ethernet
segments by means of suitable devices (repeaters, bridges, etc.). A c
ommon way to make this inter-connection is through a main segment, cal
led the ''backbone,'' that joins each of the departments (or, perhaps,
building floors) within the owner premises. Unfortunately, once the c
able laying is finished, it is often inevitable that the backbone can
be accessed in areas of difficult or impossible control by the network
owner. Therefore, in this kind of network, data transmission in the b
ackbone is very sensitive to either eavesdropping or manipulation. In
this work, we focus on the implementation of a cryptographic system th
at protects transmission (providing for both confidentiality and integ
rity of transmitted data) in this kind of network. The operation of th
e proposed system, and the specific troubles encountered to implement
it in the local network of the Polytechnic University of Catalonia, is
presented. We also make an analysis of the functionality of the ciphe
ring bridges, and their implementation is studied in detail. Finally,
the more relevant results and conclusions are exposed.