IPSEC header used to verify that the contents of a packet haven't been modified in transit. The latest IPSEC implementations include anti-replay features in the AH, and typically include AH features in the ESP.
The Authentication Header is a mechanism for providing strong integrity and authentication for IP datagrams. It might also provide non-repudiation, depending on which cryptographic algorithm is used and how keying is performed. For example, use of an asymmetric digital signature algorithm, such as RSA, could provide non- repudiation.
Used to provide connectionless integrity and data origin authentication for IP datagrams, and to provide protection against replays. This latter, optional service may be selected, by the receiver, when a Security Association is established. AH provides authentication for as much of the IP header as possible, as well as for upper level protocol data. AH may be applied alone, in combination with the IP Encapsulating Security Payload, or in a nested fashion through the use of tunnel mode.
One of two protocol choices (the other is Encapsulating Security Protection) in Internet Protocol Security (IPsec). IPsec protocol choice controls if confidentiality and/or message integrity are used to protect a data packet.