March 5, 2002
Practical Aspects of Modern Cryptography
IPSEC ESP Tunnel Mode
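[Figure: an original packet and the same packet after ESP tunnel-mode encapsulation]
Original packet: Orig IP Hdr | TCP Hdr | Data
Tunnel-mode packet: IP Hdr | ESP Hdr | IP Hdr | TCP Hdr | Data | ESP Trailer | ESP Auth
Figure labels: "New IP header with source & destination IP address" (the outer IP Hdr); "Usually encrypted"; "integrity hash coverage"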