This is about … .
Since the AH protocol is only about integrity and one needs to pursue confidentiality as well, ESP comes into play.
- replay
- authentication
- integrity check (why to use AH as well here?)
ESP protocol data consists of 3 parts:
- Header
- Trailer
- Authentication block
Header Anatomy
- 32 bits: Security Parameters Index. Along with the IP and security protocol (ESP), it identifies the security association for the datagram.
- 32 bits: Sequence number. Replay attack mitigation.
Trailer Anatomy
- 0-2040 bits: Padding.
- 8 bits: Pad Length. How many pad bytes precede it.
- 8 bits: Next header. What's in the payload?
Authentication Anatomy
Is placed at the very end of the packet. Variable length. Contains the ICV (integrity check value), computed over the ESP packet minus the Authentication data.