Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Encryption ciphers

Ciphers are used to encrypt data, so that it cannot be read or monitored during transit. The vRouter supports the following encryption ciphers:

Table 1. Supported encryption ciphers
Cipher Description


The Advanced Encryption Standard (AES) is a U.S. government standard that was developed to take the place of DES, which has become easier to break by using the more powerful computers available today.

AES can run very quickly for a block cipher and can be implemented in a relatively small space. It has a block length that varies between 192 and 256 bits, and a key length that ranges between 128 and 256 bits in increments of 32 bits.

The vRouter supports AES with a 128-bit key and a 256-bit key.

The vRouter also supports the AES options with 128-bit or 256-bit Galois/Counter Mode (GCM), which provides improved efficiency and performance.


Triple-DES is a variant of the Data Encryption Standard (DES). DES was formerly the most commonly used cipher, but in recent years has been compromised and is no longer recommended as a first choice. The vRouter supports only Triple-DES.

Triple-DES is an iterative block cipher in which DES is used in three consecutive iterations on the same block of text and either two or three keys are used. The resulting cipher text is much harder to break than DES. Using two keys yields 112-bits key strength; using three keys yields 168-bits key strength.