Why does encryption not destroy the way networks work?

Your assumption #4 is partly correct. Most often in technologies such as SSL/TLS, IP addresses & MAC addresses are sent unencrypted. More specifically, if we look at the OSI Networking Model, IP addresses are part of level 3, MAC addresses are part of level 2, whereas SSL/TLS is at level 4. Most encryption technologies work above level 3 so that the addressing can be read by standard routers and switches.

In order to solve the man-in-the-middle problem, encryption technologies have to provide some sort of authentication before starting up an encrypted session. In the SSL/TLS example, certificates provided by a trusted certificate authority (i.e. Verisign) are used for authentication.


To go into possibly unwanted detail: Encryption takes place at the transport layer and above, for precisely the reasons of your concern. The transport layer is the one immediately above IP and other addressing schemes. This means that the information required for these protocols is not encrypted, because the data belongs to a lower layer.

For instance, TLS and its predecessor SSL encrypt at the transport layer. This means that the only data left unencrypted are the IP headers.

Meanwhile, when you choose to encrypt an email in your favorite email program, it will only encrypt the actual email message, while the IP, TCP, and SMTP headers will all be unencrypted. This message, in turn, might be transmitted over a TLS connection. TLS will then encrypt the TCP and SMTP portions, effectively encrypting the message body twice. The unencrypted IP header would then be enough to get it from your computer to the email server. The email server would then decrypt the TLS, allowing it to see that this is a TCP SMTP message. It would then give that to the SMTP program, which would be able to send it to the correct inbox. Once there, the user's email reader would have the information necessary to decrypt the message body.
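As an added illustration of the layering both answers describe (example code, not from either answer): constructed IPv4 and TCP headers travel in the clear, the SMTP commands ride inside a TLS-style application-data record whose body is encrypted, and `router_view` recovers only the addressing while `endpoint_view` needs the session key. The addresses, ports, SMTP text and key are constructed, and the cipher is a SHA-256 keystream stand-in for a real TLS record cipher, used only to make the payload opaque.

```python
import hashlib
import struct
from itertools import count

# Constructed sample values (not from the page): addresses, ports and an SMTP exchange.
SRC_IP, DST_IP = "192.0.2.10", "198.51.100.25"
SRC_PORT, DST_PORT = 51234, 587
SMTP_PAYLOAD = b"MAIL FROM:<alice@example.org>\r\nRCPT TO:<bob@example.net>\r\nDATA\r\nhello\r\n.\r\n"
SESSION_KEY = b"constructed-session-key"  # stand-in for the key negotiated by the TLS handshake


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Illustrative stand-in for a TLS record cipher: SHA-256 in counter mode XORed onto the data.
    It only models 'the payload is opaque without the key'; it is not a real TLS cipher suite."""
    stream = bytearray()
    for block in count():
        if len(stream) >= len(data):
            break
        stream += hashlib.sha256(key + block.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def build_frame() -> bytes:
    """IPv4 header + TCP header in the clear, then a TLS-style record carrying the encrypted SMTP payload."""
    record_body = keystream_xor(SESSION_KEY, SMTP_PAYLOAD)
    # TLS record header: content type 0x17 (application_data), version 0x0303, body length.
    tls_record = struct.pack("!BHH", 0x17, 0x0303, len(record_body)) + record_body
    # TCP header (20 bytes): ports, seq, ack, data offset 5 words, flags PSH|ACK, window, checksum 0, urgent 0.
    tcp = struct.pack("!HHIIBBHHH", SRC_PORT, DST_PORT, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(tls_record)
    # IPv4 header (20 bytes): version/IHL, TOS, total length, ID, DF flag, TTL 64, proto 6 (TCP), checksum left 0.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0x4000, 64, 6, 0,
                     bytes(map(int, SRC_IP.split("."))), bytes(map(int, DST_IP.split("."))))
    return ip + tcp + tls_record


def router_view(frame: bytes) -> dict:
    """What a router on the path can read without any key: only the layer-3 and layer-4 headers."""
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", frame[:20])
    ihl = (ver_ihl & 0x0F) * 4
    sport, dport = struct.unpack("!HH", frame[ihl:ihl + 4])
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)), "ttl": ttl,
            "proto": proto, "sport": sport, "dport": dport,
            "opaque_bytes": total_len - ihl - 20}  # the TLS record the router cannot interpret


def endpoint_view(frame: bytes, key: bytes) -> bytes:
    """What the TLS endpoint recovers after stripping IP (20), TCP (20) and the 5-byte record header."""
    return keystream_xor(key, frame[20 + 20 + 5:])
```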