A system for automatically encrypting and decrypting data packets sent from
a source host to a destination host across a public internetwork. A
tunnelling bridge is positioned at each network, and intercepts all
packets transmitted to or from its associated network. The tunnelling
bridge includes tables indicating pairs of hosts or pairs of networks
between which packets should be encrypted. When a packet is transmitted
from a first host, the tunnelling bridge of that host's network
intercepts the packet, and determines from its header information whether
packets from that host that are directed to the specified destination
host should be encrypted; or, alternatively, whether packets from the
source host's network that are directed to the destination host's network
should be encrypted. If so, the packet is encrypted, and transmitted to
the destination network along with an encapsulation header indicating
source and destination information: either source and destination host
addresses, or the broadcast addresses of the source and destination
networks (in the latter case, concealing by encryption the hosts'
respective addresses). An identifier of the source network's tunnelling
bridge may also be included in the encapsulation header. At the
destination network, the associated tunnelling bridge intercepts the
packet, inspects the encapsulation header, from an internal table
determines whether the packet was encrypted, and from either the source
(host or network) address or the tunnelling bridge identifier determines
whether and how the packet was encrypted. If the packet was encrypted, it
is now decrypted using a key stored in the destination tunnelling
bridge's memory, and is sent on to the destination host. The tunnelling
bridge identifier is used particularly in an embodiment where a given
network has more than one tunnelling bridge, and hence multiple possible
encryption/decryption schemes and keys. In an alternative embodiment, the
automatic encryption and decryption may be carried out by the source and
destination hosts themselves, without the use of additional tunnelling
bridges, in which case the encapsulation header includes the source and
destination host addresses.
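The following is an added simulation of the bridge logic described above; it is illustrative code written for this page, not the patent's own implementation. The sample topology (networks A, B, C), the bridge identifiers, the shared key, the SHA-256 counter-mode keystream used in place of an unspecified cipher, and the packet serialisation are all assumptions. It shows both encapsulation modes: the host-pair rule carries the real host addresses in the encapsulation header, while the network-pair rule carries the networks' broadcast addresses so the hosts' addresses are concealed inside the ciphertext; the destination bridge decides from its own tables whether encryption was expected and picks the key from the bridge identifier.

```python
import hashlib
import ipaddress
from dataclasses import dataclass

# Constructed sample topology: network name -> CIDR block.
NETS = {
    "A": ipaddress.ip_network("10.1.0.0/24"),
    "B": ipaddress.ip_network("10.2.0.0/24"),
    "C": ipaddress.ip_network("10.3.0.0/24"),  # no tunnelling bridge, no policy
}


def net_of(host):
    addr = ipaddress.ip_address(host)
    for name, net in NETS.items():
        if addr in net:
            return name
    raise ValueError(f"{host} is not in a known network")


def xor_stream(key, nonce, data):
    """Placeholder keystream cipher (SHA-256 in counter mode). The abstract
    names no cipher; a real bridge would use authenticated encryption."""
    stream = bytearray()
    ctr = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class Packet:
    src: str
    dst: str
    payload: bytes


@dataclass
class Encapsulated:
    outer_src: str   # host address or source network's broadcast address
    outer_dst: str   # host address or destination network's broadcast address
    bridge_id: str   # identifier of the source network's tunnelling bridge
    seq: int         # per-bridge counter, used to build the nonce
    encrypted: bool
    body: bytes      # inner packet, encrypted or in the clear


class TunnellingBridge:
    def __init__(self, bridge_id, network, host_pairs, network_pairs, peers):
        self.bridge_id = bridge_id
        self.network = network
        self.host_pairs = set(host_pairs)        # ordered (src_host, dst_host)
        self.network_pairs = set(network_pairs)  # ordered (src_net, dst_net)
        self.peers = dict(peers)                 # peer bridge id -> (network, key)
        self.seq = 0

    def _key_for_net(self, net):
        for _, (peer_net, key) in self.peers.items():
            if peer_net == net:
                return key
        raise KeyError(f"no peer bridge serves network {net}")

    def outbound(self, pkt):
        src_net, dst_net = net_of(pkt.src), net_of(pkt.dst)
        inner = f"{pkt.src}|{pkt.dst}|".encode() + pkt.payload
        if (pkt.src, pkt.dst) in self.host_pairs:
            outer = (pkt.src, pkt.dst)  # host addresses stay visible
        elif (src_net, dst_net) in self.network_pairs:
            outer = (str(NETS[src_net].broadcast_address),
                     str(NETS[dst_net].broadcast_address))  # hosts concealed
        else:
            return Encapsulated(pkt.src, pkt.dst, self.bridge_id, 0, False, inner)
        self.seq += 1
        nonce = self.bridge_id.encode() + self.seq.to_bytes(8, "big")
        body = xor_stream(self._key_for_net(dst_net), nonce, inner)
        return Encapsulated(outer[0], outer[1], self.bridge_id, self.seq, True, body)

    def _expects_encrypted(self, enc):
        if (enc.outer_src, enc.outer_dst) in self.host_pairs:
            return True
        return any(str(NETS[s].broadcast_address) == enc.outer_src
                   and str(NETS[d].broadcast_address) == enc.outer_dst
                   for s, d in self.network_pairs)

    def inbound(self, enc):
        # The receiving bridge consults its own table, not the packet's flag.
        if self._expects_encrypted(enc) != enc.encrypted:
            raise ValueError("policy mismatch: drop packet")
        body = enc.body
        if enc.encrypted:
            _, key = self.peers[enc.bridge_id]  # key selected by bridge identifier
            nonce = enc.bridge_id.encode() + enc.seq.to_bytes(8, "big")
            body = xor_stream(key, nonce, body)
        src, dst, payload = body.split(b"|", 2)
        pkt = Packet(src.decode(), dst.decode(), payload)
        if net_of(pkt.dst) != self.network:
            raise ValueError("inner destination is not on this network")
        return pkt


def demo():
    key_ab = b"constructed-shared-key"
    hosts = [("10.1.0.5", "10.2.0.7"), ("10.2.0.7", "10.1.0.5")]
    nets = [("A", "B"), ("B", "A")]
    tb_a = TunnellingBridge("TB-A", "A", hosts, nets, {"TB-B": ("B", key_ab)})
    tb_b = TunnellingBridge("TB-B", "B", hosts, nets, {"TB-A": ("A", key_ab)})
    enc1 = tb_a.outbound(Packet("10.1.0.5", "10.2.0.7", b"hello"))   # host-pair rule
    enc2 = tb_a.outbound(Packet("10.1.0.9", "10.2.0.3", b"secret"))  # network-pair rule
    enc3 = tb_a.outbound(Packet("10.1.0.9", "10.3.0.3", b"plain"))   # no rule: cleartext
    return enc1, tb_b.inbound(enc1), enc2, tb_b.inbound(enc2), enc3


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The `inbound` check deliberately trusts the bridge's own tables over the `encrypted` flag in the header: a packet arriving in the clear on a path the table says must be encrypted is dropped rather than forwarded, which is the behaviour a defender wants from such a device. Because the abstract specifies no cipher, the XOR keystream here is only a stand-in and provides no integrity; an actual deployment needs an authenticated cipher and a nonce scheme that survives bridge restarts.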