Authentication Header (AH)

SPI + destination address determines security

association (algorithm, key, structure of authentication data)

Must-implement is keyed MD5 over the invariant fields

of the IP datagram, using a secret key shared between

source and destination

Non-repudation might be provided if AH is used with

asymmetric algorithms (digital signatures)

Previous slide

Next slide

Back to first slide

View graphic version