Which encryption protocols does an AR support

AR routers support the Authentication Header (AH) and Encapsulating Security Payload (ESP) protocols. Their differences are as follows:
- AH: provides data origin authentication, data integrity check, and anti-replay services. The sender performs the hash algorithm on the IP payload and all header fields of an IP packet except for variable fields to generate a message digest. The receiver recalculates the message digest according to the received IP packet and compares the two message digests to determine whether the IP packet has been modified during transmission. AH does not encrypt the IP payload. It applies to non-confidential data transmission.
- ESP: encrypts the IP payload in addition to providing all the functions of AH. ESP can encrypt and authenticate the IP payload but does not protect the IP packet header. It applies to non-confidential data transmission.

AH and ESP can be used independently or together. When AH and ESP are used together, ESP encapsulation and then AH encapsulation are performed on an IP packet to be sent, providing higher security.

Scroll to top