pwe3-3----Page:3
1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16  17  18  19  20  21 

MACsec
Recently IEEE 802.1ae proposed a security mechanism
based on AES-128, but with a new mode - Galois Counter Mode






SecTAG contains
MACsec Ethertype (88E5)
4B Packet Number (sequence number)
8B Secure Channel Identifier

DA
SA
Type
payload
FCS
DA
SA
secure data
FCS’
SecTAG (incl. IV)
ICV
integrity
optional
confidentiality
12 B Initialization Vector
PPT Version