Assuming the plaintext security header does not grow too much, you might consider using the rx checksum field to hold it.