When the authentication mechanism suggested in Appendix C is used, the following state variables are defined in addition to the variables described previously. These variables are used only if the optional authentication mechanism described in Appendix C is implemented.
Authentication Enabled Bit (peer.authenable): This is a bit indicating that the association is to operate in the authenticated mode.
Authenticated Bit (peer.authentic): This is a bit indicating that the last message received from the peer has been correctly authenticated.
Key Identifier (peer.hostkeyid, peer.peerkeyid, pkt.keyid): This is an integer identifying the cryptographic key used to generate the message-authentication code.
Cryptographic Keys (sys.key): This is a set of 64-bit DES keys. Each key is constructed as in the Berkeley Unix distributions, which consists of eight octets, where the seven low-order bits of each octet correspond to the DES bits 1-7 and the high-order bit corresponds to the DES odd-parity bit 8.
Crypto-Checksum (pkt.check): This is a crypto-checksum computed by the encryption procedure.