IBM : developerWorks : Security : Education - online courses
Virtual private networks, Part 2
3. Encapsulating Security Protocol
  


Packet fields: Security Parameter Index, Sequence Number, Payload Data (page 4 of 11)


The ESP packet contains the following fields:

Security Parameter Index (SPI)
This field is 32 bits in length, and is defined the same as it was in the AH discussion (see Part 1).

Sequence Number
This 32-bit field is an increasing counter, and again follows the AH definitions. It is used to prevent replay attacks.

Payload Data
This field is mandatory. It consists of a variable number of bytes of data described by the Next Header field. The payload data is encrypted with the cryptographic algorithm selected during SA establishment. If the algorithm requires initialization vectors, they are carried in this field as well.

The ESP specification requires support for the DES algorithm in CBC mode (DES-CBC transform). Other encryption algorithms are also supported, such as triple-DES.
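The following added example (not part of the original tutorial) parses the two fixed 32-bit header fields described above and shows how a receiver can use the Sequence Number to reject replayed packets with a sliding window. The names `parse_esp` and `ReplayWindow`, the 32-packet window size, and the sample packets are assumptions made for illustration; a real receiver updates the window only after the packet has passed its authentication check.

```python
import struct

ESP_HDR = struct.Struct("!II")  # SPI and Sequence Number, 32 bits each, network byte order

def parse_esp(packet: bytes):
    """Return (spi, seq, rest); rest is the still-encrypted Payload Data and what follows."""
    if len(packet) < ESP_HDR.size:
        raise ValueError("truncated ESP header")
    spi, seq = ESP_HDR.unpack_from(packet)
    return spi, seq, packet[ESP_HDR.size:]

class ReplayWindow:
    """Receiver-side sliding window over sequence numbers (size is an assumption)."""
    def __init__(self, size=32):
        self.size = size
        self.top = 0     # highest sequence number accepted so far
        self.bitmap = 0  # bit i set means (top - i) was already accepted

    def accept(self, seq: int) -> bool:
        # The sender's counter starts at 1, so 0 is never a valid value.
        if seq == 0:
            return False
        if seq > self.top:  # newer than anything seen: slide the window forward
            shift = seq - self.top
            older = 0 if shift >= self.size else self.bitmap << shift
            self.bitmap = (older | 1) & ((1 << self.size) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size or self.bitmap & (1 << offset):
            return False  # too old to track, or a replay of an accepted packet
        self.bitmap |= 1 << offset  # late but new: mark it as seen
        return True

def demo():
    # Constructed sample traffic: SPI 0x1000, 16 opaque payload bytes per packet.
    win = ReplayWindow()
    results = []
    for seq in (1, 2, 4, 3, 4, 40, 5):
        pkt = ESP_HDR.pack(0x1000, seq) + bytes(16)
        spi, s, _ = parse_esp(pkt)
        results.append((s, win.accept(s)))
    return results

if __name__ == "__main__":
    print(demo())
```

In the sample run, the out-of-order packet 3 is accepted, the second copy of packet 4 is rejected as a replay, and packet 5 is rejected because it has fallen behind the window once packet 40 arrives.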

