• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 113
  • Last Modified:

SNMP v3 Encryption of encoded messages

I need to research whether any devices that use SNMPv3 perform 3 steps:
1. encode SNMP messages to get an encoded message
2. encrypt the encoded message from step 1 to get the encrypted message
3. encode the encrypted message from step 2.

Thoughts?
0
cyber-33
Asked:
cyber-33
  • 2
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
only if authPriv is enabled and configured (you should use AES and not DES)
0
 
cyber-33Author Commented:
Interesting. David, why use AES and not DES?

Another question I have what is the scenario, where the encrpted message (encryptedPDU) would represent the encoded message, as opposed to representing plain data (scopedPDU) ?

My concern is that the plain data is being encrypted PRIOR to it is encoded into the SNMP message format.... In other words, step 2 provided in the question is performed before step 1....

Thank you for your help.
0
 
David Johnson, CD, MVPOwnerCommented:
DES has been considered vulnerable for a long time because the time required to crack an encryption algorithm is directly related to the length of the key used to secure the communication. AES allows you to choose a 128-bit, 192-bit or 256-bit key, making it exponentially stronger than the 56-bit key of DES.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now