| They are best used for one-time encryption needs. | |
| They are often used for wire-speed encryption in data networks. | |
| They are based on complex mathematical operations and can easily be accelerated by hardware. | |
| They offer simple key management properties. |
| They are based on a two-way mathematical function. | |
| They are used for encrypting bulk data communications. | |
| They are easily reversed to decipher the message context. | |
| They convert arbitrary data into a fixed-length digest. |
| They have no potential impact on the data segment being monitored. | |
| They operate in promiscuous mode. | |
| They operate in inline mode. | |
| They are more vulnerable to evasion techniques than IDS. |