Authentication Header

Why Trust Techopedia

What Does Authentication Header Mean?

Authentication Header (AH) is a protocol and part of the Internet Protocol Security (IPsec) protocol suite, which authenticates the origin of IP packets (datagrams) and guarantees the integrity of the data. The AH confirms the originating source of a packet and ensures that its contents (both the header and payload) have not been changed since transmission.

Advertisements

If security associations have been established, AH can be optionally configured to defend against replay attacks using the sliding window technique.

Techopedia Explains Authentication Header

AH provides authentication of the IP header and next-level protocol data. This can be applied in a nested fashion, or in conjunction with the IP encapsulating security payload (ESP). Security services are intiated between two communicating hosts, between two communicating security gateways or between a security gateway and a host.

AH provides data integrity using a checksum generated by an authentication code, similar to MD5. There is a secret shared key in the AH algorithm for data origin authentication. Using a sequence number field inside the AH header, relay protection is ensured.

AH can be used in tunnel or transport mode. In transport mode, the IP header of a datagram is the outermost IP header, followed by the AH header and the datagram. This mode requires a reduced processing overhead compared to tunnel mode, which creates new IP headers and uses them in the outermost IP header of the datagram.

The fields within an AH header include:

  • Next header
  • Payload length
  • Reserved
  • Security parameters
  • Sequence numbers
  • Integrity check value
Advertisements

Related Terms

Margaret Rouse
Technology expert
Margaret Rouse
Technology expert

Margaret is an award-winning writer and educator known for her ability to explain complex technical topics to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles in the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret’s idea of ​​a fun day is to help IT and business professionals to learn to speak each other’s highly specialized languages.