Authentication Header
The Authentication Header (AH) can be used to do the following.
- Provide strong integrity services for IP datagrams, which means the AH can be used to carry content verification data for the IP datagram.
- Provide strong authentication for IP datagrams, which means that the AH can be used to link an entity with the contents of the datagram.
- Provide nonrepudiation for IP datagrams, assuming that a public key digital signature algorithm is used for integrity services.
- Protect against replay attacks through the use of the sequence number field.
The Authentication Header can be used in tunnel mode or in transport mode, which means that it can be used to authenticate and protect simple, direct datagram transfers between two nodes, or it can be used to encapsulate an entire stream of datagrams that is sent to or from a security gateway.
In transport mode, the Authentication Header protects the payload of the original IP datagram as well as the parts of the IP Header that do not change from hop to hop (e.g., the Hop Limit field or Routing Headers). The figure below shows what happens to a transport mode IP datagram as the Authentication Header is calculated and added to it (the Destination Options Header may also appear before the Authentication Header). The destination IP address and extension headers are protected only insofar as they do not change from hop to hop.
When the Authentication Header is used in tunnel mode, however, it is applied differently. The figure below shows the difference. The original destination IP address, along with the entire original IP datagram, is encapsulated into an entirely new IP datagram that is sent to the security gateway. Thus, the entire original IP datagram is fully protected, as are the portions of the encapsulating IP Header that do not change.
AH header fields include the following.
Payload Length: This 8-bit field indicates the entire length of the Authentication Header in units of 32-bit words, minus 2.
As originally defined, the Authentication Header consisted of 64 bits of header, with the rest devoted to authentication data (see the following). Thus, the payload length field merely indicated the length (in 32-bit words) of the authentication data. With the addition of the Sequence Number field (see the following), this value now equals the length of the authentication data plus the length of the Sequence Number field.
Reserved: The next 16 bits are reserved for future use; at present, they must be set to all zeros.
Security Parameter Index (SPI): This 32-bit value is an arbitrary number. Together with the destination IP address and security protocol (in this case, AH to indicate the Authentication Header), the SPI uniquely identifies the security association to be used for the Authentication Header. An SPI value of zero is for local use only and should never be transmitted; values from 1 through 255 are reserved by the Internet Assigned Numbers Authority (IANA) for future use.
Sequence Number: This 32-bit value is a mandatory counter; it is always included by the sender, although it may not always be used by the recipient. Starting from zero, this counter is incremented with every datagram sent and is used to prevent replay attacks. When the recipient is using it for anti-replay purposes, it will discard any datagram that duplicates a sequence number that has already been received. This means that when the counter is about to wrap around (after 2^32 datagrams), a new security association must be negotiated; otherwise, the receiving system will discard all datagrams once the counter is reset.
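The receiver-side anti-replay check described above is usually implemented as a sliding bitmap window rather than a list of every sequence number seen, and the sender must stop before its 32-bit counter wraps. The following is an added example written for this tutorial, not code from the original page; the 64-packet window size, the class and function names, and the rejection of sequence number 0 (RFC 4302 initialises the counter to 0 and increments before sending, so the first datagram carries 1) are assumptions made here.

```python
# Added example: a receiver-side anti-replay window for one inbound AH
# security association, plus sender-side counter exhaustion handling.
# The window size and names below are assumptions for this example.

WINDOW_SIZE = 64       # RFC 4302 requires the receiver to support at least 32; 64 is assumed here
SEQ_MAX = 2**32 - 1    # the Sequence Number field is 32 bits wide


class AntiReplayWindow:
    """Tracks which recent sequence numbers have been accepted on one SA."""

    def __init__(self, size=WINDOW_SIZE):
        self.size = size
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set means sequence number (top - i) was already received

    def check(self, seq):
        """Return True and record seq if it is fresh; False if it is a replay or too old."""
        if seq == 0:
            # The sender increments its counter before sending, so 0 is never valid on the wire.
            return False
        if seq > self.top:
            # Newer than anything seen: slide the window forward and mark this one received.
            shift = seq - self.top
            self.bitmap = (self.bitmap << shift) & ((1 << self.size) - 1)
            self.bitmap |= 1
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size:
            return False   # older than the window: discard, the datagram cannot be checked
        if self.bitmap & (1 << offset):
            return False   # already received: this is a replay
        self.bitmap |= 1 << offset
        return True


class SequenceNumberExhausted(Exception):
    """Raised when the 32-bit counter would wrap; a new SA must be negotiated."""


def next_sequence_number(counter):
    """Sender side: advance the counter, refusing to wrap around 2**32."""
    if counter >= SEQ_MAX:
        raise SequenceNumberExhausted("sequence number space exhausted; negotiate a new SA")
    return counter + 1


if __name__ == "__main__":
    # Constructed arrival order: 1, 1 (replay), 5, 3 (late but fresh), 3 (replay)
    w = AntiReplayWindow()
    for seq in (1, 1, 5, 3, 3):
        print(seq, "accepted" if w.check(seq) else "discarded")
```

Out-of-order datagrams inside the window are still accepted, which is why the window exists at all; only duplicates and datagrams older than the window are dropped. Raising on exhaustion, rather than silently wrapping, is what prevents the receiver from discarding everything once the counter resets.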
Authentication Data: This field contains the Integrity Check Value (ICV), which is the heart of the Authentication Header. The contents must be a multiple of 32 bits in length and may contain padding to attain that length. Calculation of this value is discussed in the next section.
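To make the field layout concrete, here is an added example (written for this tutorial, not code from the original page) that serialises and parses an Authentication Header: it applies the "32-bit words minus 2" Payload Length rule, pads the ICV to the required boundary, and rejects the conditions the field descriptions above call out (a non-zero Reserved field, an SPI of zero, an ICV that is not a multiple of 32 bits). The function names, the `AHFormatError` type, and the sample ICV bytes are assumptions; the padding rule (32-bit alignment for IPv4, 64-bit for IPv6) follows RFC 4302.

```python
# Added example: building and parsing the AH fixed header and ICV.
# Names and sample values are assumptions for this example.
import struct

AH_FIXED_LEN = 12          # Next Header (1) + Payload Len (1) + Reserved (2) + SPI (4) + Seq (4)
AH_FMT = "!BBHII"          # network byte order layout of those five fields


class AHFormatError(ValueError):
    """Raised when an AH header violates the format rules."""


def pad_icv(icv, ipv6=False):
    """Pad the ICV so the whole AH is a multiple of 32 bits (IPv4) or 64 bits (IPv6)."""
    align = 8 if ipv6 else 4
    total = AH_FIXED_LEN + len(icv)
    return icv + b"\x00" * (-total % align)


def build_ah(next_header, spi, seq, icv, ipv6=False):
    """Return the on-the-wire AH bytes for the given fields and (already computed) ICV."""
    if spi == 0:
        raise AHFormatError("SPI 0 is for local use only and must never be transmitted")
    icv = pad_icv(icv, ipv6)
    total_words = (AH_FIXED_LEN + len(icv)) // 4
    payload_len = total_words - 2          # length in 32-bit words, minus 2
    if payload_len > 0xFF:
        raise AHFormatError("ICV too long for the 8-bit Payload Length field")
    return struct.pack(AH_FMT, next_header, payload_len, 0, spi, seq) + icv


def parse_ah(data):
    """Parse AH bytes into a dict of fields, validating what the format requires."""
    if len(data) < AH_FIXED_LEN:
        raise AHFormatError("truncated AH header")
    next_header, payload_len, reserved, spi, seq = struct.unpack(AH_FMT, data[:AH_FIXED_LEN])
    if reserved != 0:
        raise AHFormatError("Reserved field must be zero")
    if spi == 0:
        raise AHFormatError("SPI 0 received; discard")
    total_len = (payload_len + 2) * 4     # invert the "words minus 2" rule
    if len(data) < total_len:
        raise AHFormatError("AH shorter than its Payload Length claims")
    return {
        "next_header": next_header,
        "payload_len": payload_len,
        "spi": spi,
        "spi_iana_reserved": 1 <= spi <= 255,   # reserved range, flagged for the caller
        "seq": seq,
        "icv": data[AH_FIXED_LEN:total_len],
        "total_len": total_len,
    }


if __name__ == "__main__":
    # Constructed 96-bit ICV (the truncated length HMAC-SHA1-96 produces), not a real MAC.
    sample_icv = bytes(range(12))
    ah = build_ah(next_header=6, spi=0x100, seq=1, icv=sample_icv)   # 6 = TCP follows AH
    print(ah.hex())
    print(parse_ah(ah))
```

With a 12-octet ICV the header is 24 octets, so Payload Length is 6 - 2 = 4, matching the explanation under Payload Length above. A 16-octet ICV gives a 28-octet header, which is fine for IPv4 but must be padded to 32 octets for IPv6, and the padding is covered by the Payload Length just like the ICV itself.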