Message Authentication Code

• Uses an algorithm known as HMAC

• HMAC takes as input a portion of the message and a secret key and produces a MAC as output

• This MAC value is stored in the Authentication Data field of the AH header

• The calculation takes place over the entire enclosed TCP segment plus the authentication header

• When this IP packet is received at the destination, the same calculation is performed using the same key

  • If the calculated MAC equals the value of the received MAC, then the packet is assumed to be authentic

Previous slide

Next slide

Back to first slide

View graphic version