When the authentication mechanism suggested
in Appendix C
is used, the following state variables are defined in
addition to the variables described previously. These variables are used only if the optional
authentication mechanism described in
Authentication Enabled Bit (peer.authenable): This
is a bit indicating that the association is to operate in the authenticated mode.
Authenticated Bit (peer.authentic): This is a bit
indicating that the last message received from the peer has been correctly authenticated.
Key Identifier (peer.hostkeyid, peer.peerkeyid,
pkt.keyid): This is an integer identifying the cryptographic key used to generate the message-authentication code.
Cryptographic Keys (sys.key): This is a set of
64-bit DES keys. Each key is constructed as in the Berkeley Unix distributions, which consists of eight octets, where the seven
low-order bits of each octet correspond to the DES bits 1-7 and the high-order bit corresponds to the DES odd-parity bit 8.
Crypto-Checksum (pkt.check): This is a
crypto-checksum computed by the encryption procedure.