Skip to main content

Encapsulating Security Payload

aliases:

  • ESP

A core protocol of IPsec.

ESP is used to encrypt only the payload, and doesn't compute an ICV exactly like AH does. Instead, ESP attaches three fields to the packet:

  • a header
  • a trailer
  • an ICV computed without the IP header

With ESP, algorithms for both confidentiality (symmetric cipher) and authentication/integrity (hash function) are usually applied together. It is possible to use one or the other, however.

No comments to display

Back to top