Intel® IXP400 Software

Access-Layer Components: Security (IxCryptoAcc) API

April 2005 IXP400 Software Version 2.0 Programmer’s Guide

100 Document Number: 252539, Revision: 007

7.4.2.2 Reference AH Dataflow

Figure 35 shows the example data flow for IP Security environment. Transport mode AH is used in

this example. IPSec client handles IP header mutable fields.

Figure 34. ESP Data Flow

Plain text
Plain Text
ESP
Header ESP
Trailer
Cipher Text
ESP
Header ESP
Trailer
Encrypt & Authen tic ate
Req (SA_ID, ...)
Encrypt & Authe n tic a te
Req (SA_ID, ...)
Encyption Operation
Cipher Text
ESP
Header ESP
Trailer ESP
Auth
Cipher Text
ESP
Header ESP
Trailer ESP
Auth
Cipher Text
ESP
Header ESP
Trailer ESP
Auth
Forward authentication Operation
Plain Text
ESP
Header ESP
Trailer
Application
IPSec Client
Access Component /
Intel XScale® Core
NPE
Processed by
IPSec client
Processed by
NPE
From Application

B2333-02