Microsoft Point-to-Point Encryption

From Wikipedia, the free encyclopedia

Microsoft Point-to-Point Encryption (MPPE) encrypts data in Point-to-Point Protocol (PPP)-based dial-up connections or Point-to-Point Tunneling Protocol (PPTP) virtual private network (VPN) connections. 128-bit key (strong), 56-bit key, and 40-bit key (standard) MPPE encryption schemes are supported. MPPE provides data security for the PPTP connection that is between the VPN client and the VPN server.

MPPE alone does not compress or expand data, but the protocol is often used in conjunction with Microsoft Point-to-Point Compression which compresses data across PPP or VPN links.

Negotiation of MPPE happens within the Compression Control Protocol (CCP), a subprotocol of PPP. This can lead to incorrect belief that it is a compression protocol.

RFC 3078, which defines this protocol, defines RC4 with either 40-bit or 128-bit key lengths as the only encryption options with this protocol.

External links[edit]

  • RFC 3078 (the protocol), RFC 3079 (deriving initial session keys)
  • MPPE, Microsoft Point-To-Point Encryption Protocol Archived 2013-07-30 at the Wayback Machine