IPSEC Authentication Header (AH)
Provides data origin authentication and integrity.
One of the following algorithms are used to support AH. The algorithm may be a one way hash function or a symmetric encryption algorithm. Hash functions:
- Keyed MD5 - RFC 1828
- SHA - RFC 1852
- HMAC MD5 - RFC 2085
- HMAC SHA
Symmetric encryption algorithms:
Organized in 32 bit words the format is as follows:
- Next header - Word 0, Bits 0-7
- Payload length - Word 0, Bits 8-15
- Reserved - Word 0, Bits 16-31
- Security Parameters Index (SPI) - Word 1
- Sequence Number Field - Word 2
- A variable amount of authentication data.