Using Asymmetric Encryption Keys

Working with asymmetric encryption keys is only available to ViPNet clients.

On each ViPNet client node, you can use the Public Key Infrastructure (PKI) System to distribute public keys. When asymmetric encryption is used, a pair of asymmetric encryption keys (public and secret) is created at specified time periods. A new public key, signed by a ViPNet user, is then sent to those ViPNet nodes for which the PKI System is activated.

Where private and public keys exist for nodes that have valid certificates, an additional symmetric exchange key is created. This key is used until either side creates a new pair of asymmetric keys and delivers the new public key to the other ViPNet nodes.

Changing the key does not break current sessions, because the change takes place only when both sides are sure the keys exist.

Asymmetric keys are updated between nodes automatically, without the participation of users or ViPNet Manager.

To work with another user using asymmetric keys:

  1. Select Service > Security Service Settings from the main menu of ViPNet Client [Monitor].

    The Security Service Settings window appears.

  2. Click the Security Configuration button. The Security configuration dialog box appears.

  3. Tick the Use asymmetric encryption keys check box.
  4. In the Asymmetric keys automatic update period (0-365 days) field, specify how often you want to update the keys.
  5. To save your settings, click the OK button.
  6. Select Private Network in the main window of ViPNet Client [Monitor] and, on the right-hand side of the screen, double-click the user you want to work with using asymmetric keys.

    The Access Rules dialog box appears.

  7. On the Common tab, tick the Use Public Key Infrastructure check box and press OK.

    An asymmetric key will be created for that workstation and the public part of the asymmetric key will be sent to that workstation. After receiving the public part (if the use of asymmetric keys is allowed), another asymmetric key will be created on that workstation and its public part will be sent to your workstation. Future work between the two workstations will be carried out using asymmetric keys.


© 2007 Infotecs