The IMS: IP Multimedia Concepts And Services, Second Edition

by Miikka Poikselka, Georg Mayer, Hisham Khartabil, Aki Niemi
March 2006
Intermediate to advanced
464 pages
12h 16m
English
Wiley

22.5. Encapsulated Security Payload (ESP)

Encapsulated Security Payload (ESP) is used to provide security services in IPv4 and IPv6. It can be used alone or in unison with an AH. It can provide either confidentiality (i.e., encryption) or integrity protection (i.e., authentication), or both. As mentioned previously, ESP can operate in transport mode and in tunnel mode.

The ESP header is inserted into the IP datagram after the IP header and before any upper layer protocol headers in transport mode, or before an encapsulated IP datagram in tunnel mode. Figure 22.1 illustrates the ESP packet format.

The fields in the ESP header are as follows:

  • The SPI – a unique and random 32-bit value that, together with the destination IP address and security protocol, uniquely identifies the SA for the packet.

  • The sequence number – a monotonically increasing 32-bit counter used to protect against replay attacks. When an SA is established the sequence number is reset to 0.

  • Payload data – a variable length field that typically contains the data payload, whose type is denoted by the next header field. It may also contain cryptographic synchronization data, such as an IV.

  • Padding – used to fill the payload data to a specific block size multiple required by a particular encryption algorithm, or to randomize the length of the payload in order to protect against traffic flow analysis.

  • Pad length – an 8-bit field whose value indicates in bytes the length of the padding field.

  • Next header – an 8-bit field whose ...
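The field layout listed above can be exercised with a short parser. This is an added example, not code from the book: it assumes the payload is readable (already decrypted, or integrity-only ESP), and the names `parse_esp`, `ReplayWindow` and `sample_packet`, the `icv_len` parameter and the 64-packet window size are choices made for this sketch. The second half shows how a receiver uses the sequence number to reject replayed packets.

```python
import struct

def parse_esp(packet: bytes, icv_len: int = 0) -> dict:
    """Split the bytes that follow the IP header into the ESP fields.

    Assumes the payload is readable (decrypted already, or integrity-only
    ESP). icv_len is the size of any trailing integrity data, taken from
    the SA; it is an assumption of this sketch.
    """
    if len(packet) < 8 + 2 + icv_len:
        raise ValueError("too short for ESP header and trailer")
    spi, seq = struct.unpack("!II", packet[:8])   # two 32-bit fields
    end = len(packet) - icv_len
    pad_len, next_header = packet[end - 2], packet[end - 1]  # 8-bit fields
    pad_start = end - 2 - pad_len
    if pad_start < 8:
        raise ValueError("pad length runs past the start of the payload")
    return {"spi": spi, "seq": seq, "payload": packet[8:pad_start],
            "padding": packet[pad_start:end - 2], "pad_len": pad_len,
            "next_header": next_header, "icv": packet[end:]}

class ReplayWindow:
    """Receiver-side duplicate check on the sequence number of one SA."""
    def __init__(self, size: int = 64):           # window size: assumption
        self.size, self.top, self.seen = size, 0, 0  # bit i of seen = top - i

    def accept(self, seq: int) -> bool:
        if seq == 0:
            return False          # counter starts at 0; first packet carries 1
        if seq > self.top:        # new highest value: slide the window
            shift = seq - self.top
            mask = (1 << self.size) - 1
            self.seen = 1 if shift >= self.size else ((self.seen << shift) | 1) & mask
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.size or (self.seen >> offset) & 1:
            return False          # too old for the window, or a replay
        self.seen |= 1 << offset
        return True

def sample_packet(seq: int) -> bytes:
    """Constructed packet: SPI, sequence number, payload, padding, trailer, zeroed ICV."""
    return (struct.pack("!II", 0x1234ABCD, seq) + b"constructed"
            + bytes([1, 2, 3]) + bytes([3, 17]) + bytes(12))
```

On a real receiver the window is advanced only after the packet's integrity check has passed, so a forged sequence number cannot push genuine traffic out of the window.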


Publisher Resources

ISBN: 9780470019061