Transport mode is the default IPSec mode for peer-to-peer communication (for example, communication between a client and a server). In transport mode, IPSec encrypts only the IP payload; the IP payload is protected by an AH or ESP header. Typical IP payloads are a TCP segment (TCP header plus TCP segment data), a UDP message (UDP header plus UDP message data) and an ICMP message (ICMP header plus ICMP message data).
Authentication Header Transport Mode
Authentication Header (AH) provides authentication, integrity and anti-replay protection for the entire packet (both the IP header and the data payload). It does not, however, provide confidentiality: the data is not encrypted, so it can be read but cannot be modified without detection. AH uses keyed hash algorithms to sign the packet for integrity. For more information, see "Using hash functions for data integrity".
For example, Alice on computer A sends data to Bob on computer B. The IP header, the AH header and the data are protected for integrity, so Bob can determine that the data was indeed sent by Alice and has not been modified.
Integrity and authentication are provided by the AH header, which is placed between the IP header and the IP payload.
AH is identified by IP protocol ID 51 in the IP header. AH can be used on its own or in combination with the Encapsulating Security Payload (ESP) protocol.
The AH header contains the following fields:
Next Header
The IP protocol ID of the IP payload. For example, a value of 6 indicates TCP.
Length
The length of the AH header.
Security Parameters Index (SPI)
Used in combination with the destination address and the security protocol (AH or ESP) to identify the correct security association for the communication. The receiver uses this value to determine which security association the packet belongs to.
Sequence Number
Provides anti-replay protection for the packet. The sequence number is a 32-bit, monotonically increasing number (starting at 1) that indicates the number of packets sent over the communication's security association. The sequence number must not repeat during the lifetime of the quick mode security association. The receiver checks this field to confirm that no packet with this number has already been received on this security association; if one has, the packet is rejected.
Authentication Data
Contains the integrity check value (ICV), also known as the message authentication code, which is used to verify the message's authentication and integrity. The receiver computes the ICV and checks it against the value computed by the sender to verify integrity. The ICV is computed over the IP header, the AH header and the IP payload.
Signing packets with the AH header
AH signs the entire packet for integrity, except for those fields in the IP header that may change in transit (for example, the Time to Live and Type of Service fields). If there are other IPSec headers besides AH, the AH header is inserted before all other IPSec headers.
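As an added illustration (not code from the original page), the following Python builds a transport-mode AH packet and verifies its ICV, hashing the mutable IPv4 fields as zero. It assumes HMAC-SHA1-96 as the keyed hash, a constructed key, addresses and TCP payload, and zeroes the full RFC 4302 mutable set (ToS, flags/fragment offset, TTL, header checksum), which goes beyond the two fields named above.

```python
import hashlib
import hmac
import struct

KEY = bytes(range(20))       # constructed AH key; HMAC-SHA1-96 assumed (ICV = 12 bytes)
AH_PROTO, ICV_LEN = 51, 12

def ipv4_header(src, dst, proto, total_len, ttl=64, tos=0):
    """Minimal IPv4 header without options; checksum left at 0 for brevity."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, tos, total_len, 0x1234, 0x4000,
                       ttl, proto, 0, src, dst)

def zero_mutable(ip_hdr):
    """Fields routers may rewrite in transit are hashed as zero (RFC 4302)."""
    h = bytearray(ip_hdr)
    h[1] = 0                # ToS (DSCP + ECN)
    h[6:8] = b"\0\0"        # flags + fragment offset
    h[8] = 0                # TTL
    h[10:12] = b"\0\0"      # header checksum
    return bytes(h)

def ah_sign(ip_hdr, payload, next_hdr, spi, seq):
    """Insert the AH header between IP header and payload and fill in the ICV."""
    length = (12 + ICV_LEN) // 4 - 2        # AH "Length": 32-bit words minus 2
    ah = struct.pack("!BBHII", next_hdr, length, 0, spi, seq)
    covered = zero_mutable(ip_hdr) + ah + b"\0" * ICV_LEN + payload
    icv = hmac.new(KEY, covered, hashlib.sha1).digest()[:ICV_LEN]
    return ip_hdr + ah + icv + payload

def ah_verify(packet):
    """Recompute the ICV over IP header (mutable fields zeroed) + AH + payload."""
    ip_hdr, rest = packet[:20], packet[20:]
    ah_total = (rest[1] + 2) * 4
    ah, icv, payload = rest[:12], rest[12:ah_total], rest[ah_total:]
    covered = zero_mutable(ip_hdr) + ah + b"\0" * len(icv) + payload
    expected = hmac.new(KEY, covered, hashlib.sha1).digest()[:len(icv)]
    return hmac.compare_digest(icv, expected)

def build_packet(ttl=64):
    """Constructed packet: 10.0.0.1 -> 10.0.0.2 carrying a small TCP segment."""
    payload = b"\x00\x50\x1f\x90" + b"GET / HTTP/1.0\r\n"   # constructed TCP bytes
    total = 20 + 12 + ICV_LEN + len(payload)
    ip_hdr = ipv4_header(b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02", AH_PROTO, total, ttl)
    return ah_sign(ip_hdr, payload, next_hdr=6, spi=0x1001, seq=1)

def after_hop(packet):
    """A router decrements TTL; AH still verifies because TTL is hashed as zero."""
    p = bytearray(packet); p[8] -= 1; return bytes(p)
```

Flipping any byte outside the mutable fields (source address, SPI, sequence number or payload) makes ah_verify return False.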
Encapsulating Security Payload Transport Mode
Encapsulating Security Payload (ESP) provides confidentiality in addition to authentication, integrity and anti-replay protection for the IP payload. ESP in transport mode does not sign the entire packet: only the IP payload is protected, not the IP header. ESP can be used on its own or in combination with AH.
For example, Alice on computer A sends data to Bob on computer B. The IP payload is encrypted and signed for integrity. Once integrity verification has completed, the data payload in the packet is decrypted. Bob can therefore determine that the data was sent by Alice and has not been modified, and nobody else can read it.
ESP is identified by IP protocol ID 50 in the IP header. As shown in the figure, the ESP header is placed before the IP payload, and the ESP trailer is placed after the IP payload.
The ESP header contains the following fields:
Security Parameters Index (SPI)
Used in combination with the destination address and the security protocol (AH or ESP) to identify the correct security association for the communication. The receiver uses this value to determine which security association the packet should be identified with.
Sequence Number
Provides anti-replay protection for the packet. The sequence number is a 32-bit, monotonically increasing number (starting at 1) that indicates the number of packets sent over the communication's quick mode security association. The sequence number must not repeat during the lifetime of the quick mode security association. The receiver checks this field to confirm that no packet with this number has already been received on this security association; if one has, the packet is rejected.
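The receiver-side check described for the Sequence Number field (of both the AH header above and the ESP header here) is usually implemented as a sliding window; the following Python is an added example, not code from the original page. It assumes a 64-packet window (the RFC 4302/4303 minimum) and a sender counter that refuses to wrap rather than repeat a number within the security association's lifetime.

```python
SEQ_MAX = 0xFFFFFFFF   # 32-bit sequence number space

class SenderCounter:
    """Sender side: numbers start at 1 and never repeat within one SA."""
    def __init__(self):
        self.last = 0

    def next_seq(self):
        if self.last >= SEQ_MAX:
            # Reusing a number would defeat replay protection: the SA must be re-keyed.
            raise OverflowError("sequence number space exhausted, rekey the SA")
        self.last += 1
        return self.last

class AntiReplayWindow:
    """Receiver side: accept each sequence number at most once, tolerate reordering."""
    def __init__(self, size=64):
        self.size = size
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence number (top - i) already received

    def check(self, seq):
        """Preliminary replay check, done before the (costlier) ICV verification."""
        if seq == 0 or seq > SEQ_MAX:
            return False
        if seq > self.top:
            return True                          # ahead of the window: certainly new
        offset = self.top - seq
        if offset >= self.size:
            return False                         # too old: fell off the window
        return not (self.bitmap >> offset) & 1   # inside the window: reject duplicates

    def mark(self, seq):
        """Record seq as received; only called once the ICV has verified."""
        if seq > self.top:
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) & ((1 << self.size) - 1)) | 1
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def receive(self, seq, icv_ok):
        """Full receive path: replay check, then ICV result, then window update."""
        if not self.check(seq) or not icv_ok:
            return False
        self.mark(seq)
        return True
```

A packet whose ICV fails never advances the window, so a forged packet with a high sequence number cannot push legitimate, slightly delayed packets out of the window.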
The ESP trailer contains the following fields:
Padding
0 to 255 bytes of padding, used so that the payload together with the padding bytes reaches the byte boundary required by the encryption algorithm.
Pad Length
The length, in bytes, of the Padding field. After decryption, the receiver uses this field to remove the padding bytes.
Next Header
Identifies the type of data in the payload, such as TCP or UDP.
The ESP authentication trailer contains the following field:
Authentication Data
Contains the integrity check value (ICV), also known as the message authentication code, which is used to verify the message's authentication and integrity. The receiver computes the ICV and checks it against the value computed by the sender to verify integrity. The ICV is computed over the ESP header, the payload data and the ESP trailer.
Packet signing and encryption
As shown in the figure, ESP protects the IP payload. The signed part of the packet shows where the signature provides integrity and authentication; the encrypted part shows which information is protected for confidentiality.
The IP header is not signed and is therefore not necessarily protected from modification. To provide data integrity and authentication for the IP header as well, use ESP together with AH.
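As an added example (not code from the original page), the following Python encapsulates a payload in transport-mode ESP and decapsulates it in the order the text describes: pad to the cipher's block boundary, append the trailer, sign header + payload + trailer, and on receipt verify the ICV before touching the trailer. It assumes a 16-byte block boundary, HMAC-SHA256 truncated to 16 bytes as the ICV, a constructed key, and leaves the encryption step as a pluggable no-op so the block runs with the standard library alone.

```python
import hashlib
import hmac
import struct

BLOCK = 16            # block boundary required by the (assumed) cipher
ICV_LEN = 16          # HMAC-SHA256-128 assumed for the Authentication Data field
AUTH_KEY = b"constructed-esp-auth-key-0123456"

def identity(data):
    """Stand-in for the cipher: a deliberate no-op so no AES library is needed."""
    return data

def esp_encapsulate(payload, next_hdr, spi, seq, encrypt=identity):
    """Pad, append the ESP trailer, encrypt payload+trailer, then sign the result."""
    pad_len = (-(len(payload) + 2)) % BLOCK   # payload + pad + 2 becomes a BLOCK multiple
    padding = bytes(range(1, pad_len + 1))     # default pattern 1, 2, 3, ... (RFC 4303)
    trailer = padding + struct.pack("!BB", pad_len, next_hdr)
    header = struct.pack("!II", spi, seq)
    body = encrypt(payload + trailer)
    icv = hmac.new(AUTH_KEY, header + body, hashlib.sha256).digest()[:ICV_LEN]
    return header + body + icv

def esp_decapsulate(packet, decrypt=identity):
    """Verify the ICV first; only then decrypt and strip the trailer."""
    header, body, icv = packet[:8], packet[8:-ICV_LEN], packet[-ICV_LEN:]
    expected = hmac.new(AUTH_KEY, header + body, hashlib.sha256).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return None                      # integrity failure: nothing is decrypted
    spi, seq = struct.unpack("!II", header)
    plain = decrypt(body)
    if len(plain) < 2 or plain[-2] > len(plain) - 2:
        return None                      # Pad Length points outside the data
    pad_len, next_hdr = plain[-2], plain[-1]
    payload, padding = plain[:-2 - pad_len], plain[-2 - pad_len:-2]
    if padding != bytes(range(1, pad_len + 1)):
        return None                      # padding pattern does not match
    return spi, seq, next_hdr, payload
```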
Comparison between AH and ESP
IP header | ESP header | IP payload (TCP segment, UDP message or ICMP message) | ESP trailer | ESP authentication trailer
Signed (ICV): ESP header, IP payload, ESP trailer
Encrypted: IP payload, ESP trailer