Chapter 17. IPsec: AH and ESP
IPsec is an IETF standard for real-time communication security. The concepts behind such a protocol were already covered in Chapter 16 Real-time Communication Security. The main pieces of IPsec are AH and ESP, which describe the IP header extensions for carrying cryptographically protected data, and IKE, which is a protocol for authenticating and establishing a session key. This chapter covers AH and ESP, and Chapter 18 IPsec: IKE will cover IKE.
Overview of IPsec
The part of IPsec that we cover in this chapter assumes that two nodes already have a shared session key, which might have been configured manually, or established through IKE.
Since Bob might be receiving IPsec-protected packets from many sources, maybe even ...