Description
Authentication Header (AH)
Complete Definition
AH provides integrity and authentication and non-repudiation, if the appropriate choice of cryptographic algorithms is made.
The AH is intended to guarantee connectionless integrity and data origin authentication of IP datagrams. Further, it can optionally protect against replay attacks by using the sliding window technique and discarding old packets. AH protects the IP payload and all header fields of an IP datagram except for mutable fields, i.e. those that might be altered in transit. In IPv4, mutable (and therefore unauthenticated) IP header fields include TOS, Flags, Fragment Offset, TTL and Header Checksum. AH operates directly on top of IP, using IP protocol number 51.
AH Wikipedia Definition
RFCs:
- IP Authentication Header - RFC 4302
- Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) - RFC 4835
- IP Encapsulating Security Payload (ESP) - RFC 4303
Also See: