Title :
Analysis of IPSec overheads for VPN servers
Author :
Shue, Craig ; Shin, Youngsang ; Gupta, Minaxi ; Choi, Jong Youl
Author_Institution :
Dept. of Comput. Sci., Indiana Univ., Bloomington, IN, USA
Abstract :
Internet protocol security (IPSec) is a widely deployed mechanism for implementing virtual private networks (VPNs). This paper evaluates the performance overheads associated with IPSec. We use Openswan, an open source implementation of IPSec, and measure the running times of individual security operations and also the speedup gained by replacing various IPSec components with no-ops. The main findings of this study include: VPN connection establishment and maintenance overheads for short sessions could be significantly higher than those incurred while transferring data, and cryptographic operations contribute 32 - 60% of the total IPSec overheads.
Keywords :
IP networks; network servers; telecommunication security; transport protocols; virtual private networks; IPSec overheads; Internet protocol security; Openswan; VPN servers; virtual private networks; Cryptographic protocols; Cryptography; Data security; Electrostatic precipitators; Encapsulation; Internet; Protection; Transport protocols; Virtual private networks; Web server;
Conference_Titel :
Secure Network Protocols, 2005. (NPSec). 1st IEEE ICNP Workshop on
Print_ISBN :
0-7803-9427-5
DOI :
10.1109/NPSEC.2005.1532049
