diff --git a/aes.cpp b/aes.cpp
index 4952c930..8554f490 100644
--- a/aes.cpp
+++ b/aes.cpp
@@ -1,4 +1,5 @@
 #include <stdlib.h>
+#include "TunnelBase.h"
 #include "aes.h"
 
 namespace i2p
@@ -287,6 +288,20 @@ namespace crypto
 		Decrypt (1, (const ChipherBlock *)in, (ChipherBlock *)out); 
 #endif
 	}
+
+	void TunnelEncryption::Encrypt (uint8_t * payload)
+	{
+		m_IVEncryption.Encrypt ((ChipherBlock *)payload, (ChipherBlock *)payload); // iv
+		m_LayerEncryption.Encrypt (payload + 16, i2p::tunnel::TUNNEL_DATA_ENCRYPTED_SIZE, payload + 16); // data
+		m_IVEncryption.Encrypt ((ChipherBlock *)payload, (ChipherBlock *)payload); // double iv
+	}
+
+	void TunnelDecryption::Decrypt (uint8_t * payload)
+	{
+		m_IVDecryption.Decrypt ((ChipherBlock *)payload, (ChipherBlock *)payload); // iv
+		m_LayerDecryption.Decrypt (payload + 16, i2p::tunnel::TUNNEL_DATA_ENCRYPTED_SIZE, payload + 16); // data
+		m_IVDecryption.Decrypt ((ChipherBlock *)payload, (ChipherBlock *)payload); // double iv
+	}
 }
 }
 
diff --git a/aes.h b/aes.h
index 3cd905b6..967aab92 100644
--- a/aes.h
+++ b/aes.h
@@ -138,6 +138,42 @@ namespace crypto
 			ChipherBlock m_IV;
 			ECBDecryption m_ECBDecryption;
 	};	
+
+	class TunnelEncryption // with double IV encryption
+	{
+		public:
+
+			void SetKeys (uint8_t * layerKey, uint8_t * ivKey)
+			{
+				m_LayerEncryption.SetKey (layerKey);
+				m_IVEncryption.SetKey (ivKey);
+			}	
+
+			void Encrypt (uint8_t * payload); // 1024 bytes (16 IV + 1008 data)		
+
+		private:
+
+			ECBEncryption m_IVEncryption;
+			CBCEncryption m_LayerEncryption;
+	};
+
+	class TunnelDecryption // with double IV encryption
+	{
+		public:
+
+			void SetKeys (uint8_t * layerKey, uint8_t * ivKey)
+			{
+				m_LayerDecryption.SetKey (layerKey);
+				m_IVDecryption.SetKey (ivKey);
+			}			
+
+			void Decrypt (uint8_t * payload); // 1024 bytes (16 IV + 1008 data)	
+
+		private:
+
+			ECBDecryption m_IVDecryption;
+			CBCDecryption m_LayerDecryption;
+	};
 }
 }