Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
This question's been confusing me a bit.

From what I've been reading, in this scenario: tunnel mode with ESP_SHA_HMAC as integrity and ESP_AES_256 as the encryption algorithm then everything after the ESP trailer (ie the orginal packet including its IP header) will be encrypted and hashed - but the new IP header won't be either (you would need AH to hash that header).

So this suggests to me that the right answer is:

"Only the data field of the packet will be encrypted..."

Am I on the wrong track here?

Forum Jump:

Users browsing this thread: 1 Guest(s)