An easy to implement and generic solution has been proposed. The parties must negotiate to find an integrity type, or message authentication code, they both support. This negotiation feature allows new (and improved) integrity types to be added. The stream-cipher method proposed by Oksås [1] could easily be added.
If both the integrity and the encryption options are enabled, the integrity information will be encrypted twice. Processing time can be saved by defining an integrity type which does not encrypt the integrity information. Of course, care must be taken to use this integrity type only when encryption has been enabled.
The specification of the integrity option does not define anything that will detect blocking of the communication link by an active intruder. Blocking can, however, be detected by sending AYT (see page ) commands periodically.