Authentication Header

Ways of using AH

You can apply AH in two ways: transport mode or tunnel mode. In transport mode, the IP header of the datagram is the outermost IP header, followed by the AH header and then the payload of the datagram. AH authenticates the entire datagram, except the mutable fields. However, the information contained in the datagram is transported in the clear and is, therefore, subject to eavesdropping. Transport mode requires less processing overhead than tunnel mode, but does not provide as much security.

Tunnel mode creates a new IP header and uses it as the outermost IP header of the datagram. The AH header follows the new IP header. The original datagram (both the IP header and the original payload) comes last. AH authenticates the entire datagram, which means that the responding system can detect whether the datagram changed while in transit.

When either end of a security association is a gateway, use tunnel mode. In tunnel mode the source and destination addresses in the outermost IP header do not need to be the same as those in the original IP header. For example, two security gateways might operate an AH tunnel to authenticate all traffic between the networks they connect together. In fact, this is a very typical configuration.

The main advantage to using tunnel mode, is that tunnel mode totally protects the encapsulated IP datagram. In addition, tunnel mode makes it possible to use private addresses.

Why AH?

In many cases, your data only requires authentication. While the Encapsulating Security Payload (ESP) protocol can perform authentication, AH does not affect your system performance as does ESP. Another advantage of using AH, is that AH authenticates the entire datagram. ESP, however, does not authenticate the leading IP header or any other information that comes before the ESP header.

In addition, ESP requires strong cryptographic algorithms in order to be put into effect. Strong cryptography is restricted in some regions, while AH is not regulated and can be used freely around the world.

Using ESN with AH

If you use the AH protocol then you might want to enable Extended Sequence Number (ESN). ESN allows you to transmit large volumes of data at a high speed with out re-keying. The VPN connection uses a 64-bit sequence numbers instead of 32-bit numbers over IPSec. Using 64-bit sequence numbers allows more time before re-keying, which prevents sequence number exhaustion and minimizes the use of system resources.

What algorithms does AH use to protect my information?

AH uses algorithms known as hashed message authentication codes (HMAC). Specifically, VPN uses HMAC-MD5, HMAC-SHA, or AES-XCBC-MAC. Each of the algorithms take variable-length input data and a secret key to produce fixed-length output data (called a hash or MAC value). If the hashes of two messages match, then it is likely that the messages are the same.

The Internet Engineering Task Force (IETF) formally defines the algorithms in the following Request for Comments (RFC):

• HMAC-MD5 in RFC 2085, HMAC-MD5 IP Authentication with Replay Prevention
• HMAC-SHA in RFC 2404, The Use of HMAC-SHA-1-96 within ESP and AH
• AES-XCBC-MAC in RFC 3566, The AES-XCBC-MAC-96 Algorithm and Its Use With IPsec

You can view these RFCs on the Internet at the following Web site: http://www.rfc-editor.org.