Authentication is provided by Authentication Header (AH)

• The AH provides source authentication. It protects against source spoofing.
• The AH protects against replay attacks by using monotonically increasing sequence numbers.
• But it cannot provide confidentiality.
• The AH header format is shown aside:
  • Next header $\rightarrow$ type of header immediately following this header (e.g., TCP, IP, etc.)
  • Payload length $\rightarrow$ length of AH (in 32 bit words) minus 2
  • Security Parameters Index $\rightarrow$ identifies the SA used to generate this header
  • Sequence number $\rightarrow$ sequence o Sequence number $\rightarrow$ sequence number of the packet
  • Authentication data $\rightarrow$ a (truncated) MAC (default length is 3x32 bits)

Confidentiality is achieved using encapsulating security payload (ESP):

The header format of ESP is given as:

• Security Parameters Indexidentifies the SA used to generate this encrypted packet
• Sequence number
• Payload $\rightarrow$ transport level segment (transfer mode) or encapsulated IP packet (tunnel mode)
• Padding $\rightarrow$ variable length padding
• Pad length
• Next header $\rightarrow$ identifies the type of data contained in the header
• Authentication data $\rightarrow$ a (truncated) MAC computed over the ESP packet