26. Link-level vs. end-to-end confidentiality Host A Host B R R R Link-level enrypt/ decrypt End-to-end enrypt/ decrypt
27. Link-level vs. end-to-end confidentiality Link-level encryption End-to-end encryption Security within nodes, hosts Exposed in intermediate nodes Exposed in end hosts Encrypted in intermediate nodes Encrypted/Decrypted by end hosts Role of end devices, intermediate nodes Intermediate nodes require encryption One key for each link Done in hardware Only end hosts need encryption One key per session/connection Perhaps done in software