Analysis of IPSec overheads for VPN servers

Authors:
Craig Shue;Youngsang Shin;Minaxi Gupta;Jong Youl Choi
Affiliations:
Computer Science Department, Indiana University, Bloomington, IN;Computer Science Department, Indiana University, Bloomington, IN;Computer Science Department, Indiana University, Bloomington, IN;Computer Science Department, Indiana University, Bloomington, IN
Venue:
NPSEC'05 Proceedings of the First international conference on Secure network protocols
Year:
2005

Citing 2
Cited 3

IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks

IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks
Performance analysis of TLS Web servers

ACM Transactions on Computer Systems (TOCS)

Open Source Mobile VPNs over Converged All-IP Networks

Journal of Network and Systems Management
IPSEC vs SSL: VPN technology: IPSEC vs SSL

Network Security
PCTCP: per-circuit TCP-over-IPsec transport for anonymous communication overlay networks

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Internet Protocol Security (IPSec) is a widely deployed mechanism for implementing Virtual Private Networks (VPNs). This paper evaluates the performance overheads associated with IPSec. We use Openswan, an open source implementation of IPSec, and measure the running times of individual security operations and also the speedup gained by replacing various IPSec components with no-ops. The main findings of this study include: VPN connection establishment and maintenance overheads for short sessions could be significantly higher than those incurred while transferring data, and cryptographic operations contribute 32-60% of the total IPSec overheads.