In IPsec which protocol provides confidentiality through encryption?

Confidentiality in IPsec comes from the Encapsulating Security Payload, which encrypts the payload data so that only authorized parties can read it. ESP wraps the data in an encrypted payload, using algorithms like AES or DES, to protect against eavesdropping. It can also provide integrity if paired with an authentication mechanism, but its primary role is encryption for confidentiality. Authentication Header, on the other hand, offers authentication and integrity without encrypting the payload, so it does not provide confidentiality. IKE is used for negotiating keys and security associations, not for encrypting traffic directly. MD5 is a hash function used for integrity, not encryption. Therefore, the element that provides confidentiality through encryption is ESP.