Authentication Header - IPsec protocol

IPsec uses two basic protocols, AH (Authentication Header) and ESP (Encapsulating Security Payload). AH ensures that data has not been tampered with in transit, assuring data integrity. It does this by adding authentication information to a datagram. AH is not used as much as ESP because it does not provide data encryption (confidentiality), so all data is transported in clear text. The data is therefore readable, although protected from any modification attempts.

However, if authentication is all that is required, then only AH should be used. Leaving ESP turned off provides better performance.
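The sketch below is an added example, not code from the original page. It builds the authentication information AH attaches to an IPv4 datagram in transport mode and shows that the payload stays readable while any modification is detected. Assumptions: HMAC-SHA1-96 as the integrity algorithm, a 20-byte IPv4 header without options, no anti-replay window, and constructed key, addresses, SPI and payload.

```python
import hashlib, hmac, struct

AH_PROTO, ICV_LEN = 51, 12   # IP protocol number for AH; HMAC-SHA1-96 tag is 96 bits

def ipv4_header(src, dst, body_len, ttl=64):
    # 20-byte IPv4 header without options; header checksum left at 0 (simplification)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + body_len, 0, 0, ttl, AH_PROTO, 0, src, dst)

def zero_mutable(ip):
    # Fields routers may rewrite in transit are excluded from the ICV:
    # TOS, flags/fragment offset, TTL and header checksum
    b = bytearray(ip)
    b[1] = 0
    b[6:8] = b"\x00\x00"
    b[8] = 0
    b[10:12] = b"\x00\x00"
    return bytes(b)

def ah_header(next_proto, spi, seq, icv=bytes(ICV_LEN)):
    # Payload Len field = AH length in 32-bit words minus 2 -> 24 / 4 - 2 = 4
    return struct.pack("!BBHII", next_proto, 4, 0, spi, seq) + icv

def compute_icv(key, ip, ah, payload):
    # ICV covers the IP header (mutable fields zeroed), AH with a zeroed ICV, and the payload
    data = zero_mutable(ip) + ah[:12] + bytes(ICV_LEN) + payload
    return hmac.new(key, data, hashlib.sha1).digest()[:ICV_LEN]

def protect(key, src, dst, spi, seq, next_proto, payload):
    ip = ipv4_header(src, dst, 24 + len(payload))
    icv = compute_icv(key, ip, ah_header(next_proto, spi, seq), payload)
    return ip + ah_header(next_proto, spi, seq, icv) + payload

def verify(key, packet):
    ip, ah, payload = packet[:20], packet[20:44], packet[44:]
    return hmac.compare_digest(ah[12:], compute_icv(key, ip, ah, payload))

# Constructed sample values: key, documentation-range addresses, SPI and payload
KEY = b"constructed-demo-key"
SRC, DST = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2])
PAYLOAD = b"transfer 100 to account 42"

if __name__ == "__main__":
    pkt = protect(KEY, SRC, DST, spi=0x1000, seq=1, next_proto=6, payload=PAYLOAD)
    print("payload readable on the wire:", PAYLOAD in pkt)
    print("untouched packet verifies:", verify(KEY, pkt))
    tampered = pkt.replace(b"100", b"900")
    print("tampered packet verifies:", verify(KEY, tampered))
```

A TTL change by a router leaves the packet valid because that field is zeroed before the ICV is computed, whereas a change to the source address or payload fails verification.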

Further Reading

Wikipedia's guide to IPsec