1 Authentication Header
The header immediately preceding the AH header SHALL carry 51 in its Protocol field (IPv4) or Next Header field (IPv6, Extension).
Payload Length
The length of AH in 4-byte (32-bit) units, minus 2.
Security Parameters Index (SPI)
SPI is an arbitrary 32-bit value that is used by the receiver to identify the SA to which an incoming packet is bound.
Each entry in the Security Association Database (SAD) must indicate whether the SA lookup makes use of the destination address, or the destination and source addresses, in addition to the SPI. The receiver searches in this order:
1. Search the SAD for a match on {SPI, destination address, source address};
2. Search the SAD for a match on {SPI, destination address};
3. Search the SAD for a match on {SPI} only;
4. Otherwise, discard the packet.
Sequence Number
Sequence Number contains a counter value that increases by one for each packet sent.
The sender MUST always transmit the Sequence Number field, but the receiver need not act upon it.
The sender's counter and the receiver's counter are initialized to 0 when an SA is established. The first packet sent with a given SA will have a sequence number of 1. If anti-replay is enabled (the default), the sequence number must never be allowed to cycle. Thus, the sender's counter and the receiver's counter MUST be reset by establishing a new SA prior to the transmission of the 2^32nd packet on the old SA.
Integrity Check Value (ICV)
The length of the ICV field is specified by the integrity algorithm selected and associated with the SA.
The ICV field must be an integral multiple of 32 bits in length, so the ICV field may include explicit padding, if required to ensure that the length of the AH header is an integral multiple of 32 bits (IPv4) or 64 bits (IPv6).
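The AH field layout, the Payload Length arithmetic, the three-step SAD lookup and the no-wrap rule for the sender's counter described above, as an added example (not part of the original notes); the sample header bytes and SAD entries are constructed, and the SAD is modelled as a plain list of dicts:

```python
import struct

AH_FIXED_LEN = 12  # Next Header, Payload Len, Reserved, SPI, Sequence Number


def parse_ah(data: bytes) -> dict:
    """Parse an Authentication Header (RFC 4302 layout) from raw bytes."""
    next_hdr, payload_len, _reserved, spi, seq = struct.unpack("!BBHII", data[:AH_FIXED_LEN])
    # Payload Length counts 32-bit words minus 2, so the AH length in bytes is:
    total_len = (payload_len + 2) * 4
    if len(data) < total_len:
        raise ValueError("truncated AH")
    icv = data[AH_FIXED_LEN:total_len]
    return {"next_header": next_hdr, "length": total_len, "spi": spi, "seq": seq, "icv": icv}


def lookup_sa(sad: list, spi: int, dst: str, src: str):
    """Search {SPI,dst,src}, then {SPI,dst}, then {SPI}; None means discard the packet.
    Each SAD entry records which selectors its lookup uses ("spi_dst_src", "spi_dst" or "spi")."""
    for mode in ("spi_dst_src", "spi_dst", "spi"):
        for sa in sad:
            if sa["mode"] != mode or sa["spi"] != spi:
                continue
            if mode in ("spi_dst_src", "spi_dst") and sa["dst"] != dst:
                continue
            if mode == "spi_dst_src" and sa["src"] != src:
                continue
            return sa
    return None


def next_sequence(counter: int) -> int:
    """Advance the sender's counter; refuse to cycle past 2^32 - 1 (a new SA is needed instead)."""
    if counter >= 2**32 - 1:
        raise OverflowError("sequence number would cycle; establish a new SA")
    return counter + 1


# Constructed sample: AH carrying TCP (6), 12-byte ICV (e.g. HMAC-SHA1-96),
# so Payload Length = (12 + 12) / 4 - 2 = 4, SPI 0x1000, first packet on the SA.
SAMPLE_AH = struct.pack("!BBHII", 6, 4, 0, 0x1000, 1) + bytes(12)

# Constructed SAD: one entry keyed on SPI+destination only, one on SPI alone.
SAMPLE_SAD = [
    {"mode": "spi_dst", "spi": 0x1000, "dst": "10.0.0.2", "src": None, "name": "sa-unicast"},
    {"mode": "spi", "spi": 0x2000, "dst": None, "src": None, "name": "sa-spi-only"},
]
```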
1.1 Authentication Header Location
1.1.1 Transport Mode
For IPv4, place AH after the IP header and any options it contains, but before the next layer protocol.
For IPv6, AH is viewed as an end-to-end payload, and should appear after the hop-by-hop, routing, and fragmentation extension headers. The destination options extension header(s) could appear before or after, or both before and after, the AH header depending on the semantics desired.
* = if present, could be before AH, after AH, or both
1.1.2 Tunnel Mode
Mixed inner and outer IP versions are allowed, i.e., IPv6 over IPv4 and IPv4 over IPv6.
2 Encapsulating Security Payload
The header immediately preceding the ESP header SHALL carry 50 in its Protocol field (IPv4) or Next Header field (IPv6, Extension).
* If tunnel mode is used, the IPsec implementation can add Traffic Flow Confidentiality (TFC) padding after the Payload Data and before the Padding (0-255 bytes) field.
The explicit ESP trailer (which is transmitted) consists of the Padding, Pad Length, and Next Header fields;
the implicit ESP trailer is not transmitted.
If the integrity service is selected, the integrity computation encompasses the SPI, Sequence Number, Payload Data, and ESP trailer (explicit and implicit).
If the confidentiality service is selected, the ciphertext consists of the Payload Data (except for any cryptographic synchronization data) and the explicit ESP trailer.
Payload Data
Payload Data is a variable-length field containing data from the original IP packet, described by the Next Header field.
If the encryption algorithm requires cryptographic synchronization data, such data is carried explicitly in the Payload field. Any encryption algorithm that requires such synchronization data MUST define the length, structure and location of such data in the RFC specifying how the algorithm is used with ESP. If such synchronization data is implicit, the encryption algorithm MUST define how to derive such data in the RFC specifying how the algorithm is used with ESP.
Padding
Note that the beginning of the next layer header MUST be aligned relative to the beginning of the ESP header as follows:
For IPv4, the alignment is a multiple of 4 bytes.
For IPv6, the alignment is a multiple of 8 bytes.
Pad Length
One byte; the length of the Padding field immediately preceding it, not including any TFC padding bytes.
Next Header
Next Header identifies the type of data contained in the Payload Data field, e.g., 4 indicates IPv4, 41 indicates IPv6, and 6 indicates TCP.
Traffic Flow Confidentiality (TFC) Padding
TFC padding can be added only if the Payload Data field contains length information for the datagram.
This is always true for tunnel mode, and may be true for transport mode depending on whether the next layer protocol (e.g., IP, UDP, ICMP) contains explicit length information.
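The trailer construction just described (TFC padding before the Padding field, Padding sized so the explicit trailer ends on a 4-byte boundary or the cipher's block size, and a Pad Length that does not cover TFC bytes), as an added example that is not part of the original notes; the payload bytes are constructed, and the receiver's TFC stripping assumes the caller supplies the inner datagram's own length, as tunnel mode always can:

```python
import struct
from typing import Optional, Tuple


def build_esp_trailer(payload: bytes, next_header: int, align: int = 4, tfc_pad: int = 0) -> bytes:
    """Return Payload Data + TFC padding + Padding + Pad Length + Next Header.

    `align` is 4 (the boundary the trailer must end on) or a larger cipher block size.
    TFC padding is inserted between the Payload Data and the Padding field and is NOT
    counted in Pad Length; Padding (0-255 bytes) makes the total a multiple of `align`."""
    if tfc_pad < 0:
        raise ValueError("TFC padding length must be non-negative")
    body = payload + bytes(tfc_pad)
    pad_len = (-(len(body) + 2)) % align  # +2 for the Pad Length and Next Header bytes
    if pad_len > 255:
        raise ValueError("Padding field is limited to 255 bytes")
    padding = bytes(range(1, pad_len + 1))  # RFC 4303 default pad content: 1, 2, 3, ...
    return body + padding + struct.pack("!BB", pad_len, next_header)


def parse_esp_trailer(data: bytes, inner_len: Optional[int] = None) -> Tuple[bytes, int]:
    """Strip the explicit trailer from decrypted ESP data; return (payload, next_header).

    Pad Length only removes the Padding field. Any TFC padding can be discarded only from
    the inner datagram's own length (`inner_len`), which is why TFC needs that information."""
    if len(data) < 2:
        raise ValueError("too short for Pad Length and Next Header")
    pad_len, next_header = struct.unpack("!BB", data[-2:])
    if pad_len > len(data) - 2:
        raise ValueError("Pad Length exceeds packet")
    body = data[:len(data) - 2 - pad_len]
    if inner_len is not None:
        if inner_len > len(body):
            raise ValueError("inner length exceeds remaining data")
        body = body[:inner_len]
    return body, next_header


# Constructed sample: 11 payload bytes carrying an IPv4 datagram (Next Header 4).
SAMPLE_PAYLOAD = b"CONSTRUCTED"
```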
Integrity Check Value (ICV)
The length of the ICV field is specified by the integrity algorithm selected and associated with the SA.
The ICV field must be an integral multiple of 32 bits in length, so the ICV field may include explicit padding, if required to ensure that the length of the ESP packet is an integral multiple of 32 bits (IPv4) or 64 bits (IPv6).
2.1 ESP Header Location
2.1.1 Transport Mode
For IPv4, place ESP after the IP header and any options it contains, but before the next layer protocol. If AH is also applied, it is applied to the ESP header, Payload, ESP trailer, and ICV.
For IPv6, ESP is viewed as an end-to-end payload, and should appear after the hop-by-hop, routing, and fragmentation extension headers. Destination options extension header(s) could appear before, after, or both before and after the ESP header depending on the semantics desired. However, because ESP protects only fields after the ESP header, it generally will be desirable to place the destination options header(s) after the ESP header.
* = if present, could be before ESP, after ESP, or both
2.1.2 Tunnel Mode
Mixed inner and outer IP versions are allowed, i.e., IPv6 over IPv4 and IPv4 over IPv6.
3 AH vs ESP
The primary difference between ESP and AH is the extent of the coverage.
AH provides authentication for as much of the IP header as possible, as well as for the next level protocol data; ESP does not protect any IP header fields unless those fields are encapsulated by ESP, e.g., via tunnel mode.