The security of communications via VPN fulfills three core requirements:
- Confidentiality: Encryption ensures that no unauthorized users can read the transmitted data.
- Integrity: The data cannot be changed during transmission (via authentication).
- Authenticity: The receiver can be certain that received data has genuinely been sent by the supposed sender (via authentication).
A number of encryption and authentication methods exist which provide satisfactory solutions for the first two aspects, confidentiality and integrity. The use of digital certificates aims to provide assurance about the authenticity of the communications partner.
