Cryptography Reference
In-Depth Information
IPSec implementation MUST have, but SHOULD NOT have DES-CBC
as specified in [210]; AES-CBC (see [225]), which it SHOULD have; and
AES-CTR which it SHOULD have (see page 137). The Padding Field
is used, for instance, to expand the plaintext (consistingof the Payload
Data, Padding, Pad Length, and Next Header Fields described below), to
the desired length when an encryption algorithm specifies, say, some fixed
number of bytes.
5.
Pad Length
: This 8-bit field identifies how much of the encrypted payload
is padding.
6.
Next Header
: This 8-bit field identifies the type of data carried in the
payload data field by identifyingthe first header in that payload.
The ESP format dictates that the Pad Length and Next Header Fields be
right justified within a 32-bit word (see Diagram 8.22).
7.
Authentication Data
: This variable-length field (modulo 32) contains
the value representingthe ICV computed over the ESP packet minus the
Authentication Data Field.
Diagram 8.22 ESP Header Fields
Security Parameters Index (SPI)
←
→
Sequence Number
←
3
2
-bit
→
Payload Data
←
3
2
-bit
Variable
→
Padding
←
0
−
255 Bytes
→
Padding Field
(Continued)
Pad Length
←
Next Header
←
8-bit
→
8-bit
→
Authentication Data
←
Variable
→
Transport and Tunnel Mode ESP
We illustrated the general discussion of transport mode with ESP (IPv6
implemented) in Diagram 8.18. In this case, all parts of the packet, except
the original IP header and routing information are encrypted. Authentication
(which is optional) covers ciphertext and ESP header. The IP header and
plaintext IP extension headers are not encrypted since they have to be examined
by intermediate routers.
As with AH, either hosts or security gateways may employ tunnel mode
ESP. See Diagram 8.19 for an illustrated ESP IPv6 implemented tunnel mode.
When ESP is used at a security gateway, again as with AH, tunnel mode must
be employed (see Diagram 8.20). In this case, encryption occurs only between
Search WWH ::
Custom Search