The Authentication Header is a mechanism for providing strong integrity and authentication for IP datagrams. It might also provide non-repudiation, depending on which cryptographic algorithm is used and how keying is performed. For example, use of an asymmetric digital signature algorithm, such as RSA, could provide non- repudiation.

Part of IP Security (IPSec) specification. Other IPSec header mechanisms include Diffie-Hellman, DES, 3DES, and others.

Used to provide connectionless integrity and data origin authentication for IP datagrams, and to provide protection against replays. This latter, optional service may be selected, by the receiver, when a Security Association is established. AH provides authentication for as much of the IP header as possible, as well as for upper level protocol data. AH may be applied alone, in combination with the IP Encapsulating Security Payload, or in a nested fashion through the use of tunnel mode.

The AH provides data integrity, system-level authentication and can provide anti-replay protection.

The IPsec header used to verify that the contents of a packet have not been altered in transit.

An extension header that provides authentication and integrity (without confidentiality) to IPv6 datagrams.

One of two protocol choices (the other is Encapsulating Security Protection) in Internet Protocol Security (IPsec). IPsec protocol choice controls if confidentiality and/or message integrity are used to protect a data packet.