SECURE DATA-TRANSMISSION IN EXTENDED ETHERNET ENVIRONMENTS

An extended Ethernet LAN is built connecting together several Ethernet segments by means of suitable devices (repeaters, bridges, etc.). A c ommon way to make this inter-connection is through a main segment, cal led the ''backbone,'' that joins each of the departments (or, perhaps, building floors) within the owner premises. Unfortunately, once the c able laying is finished, it is often inevitable that the backbone can be accessed in areas of difficult or impossible control by the network owner. Therefore, in this kind of network, data transmission in the b ackbone is very sensitive to either eavesdropping or manipulation. In this work, we focus on the implementation of a cryptographic system th at protects transmission (providing for both confidentiality and integ rity of transmitted data) in this kind of network. The operation of th e proposed system, and the specific troubles encountered to implement it in the local network of the Polytechnic University of Catalonia, is presented. We also make an analysis of the functionality of the ciphe ring bridges, and their implementation is studied in detail. Finally, the more relevant results and conclusions are exposed.