Securing the data while in transit is not sufficient by itself in building a secure network: data storage, key management, user interface, and backup security must also be addressed to provide a comprehensive security posture. These are often overlooked, yet are an essential part of a secure system. In this paper, we aim to quantify the costs of specific mechanisms and clarify the options available to system and network architects. In particular, we wish to quantify the performance implications of using various security protocols that are either widely used (e.g., SSL and SSH) or are expected to be in wide use (e.g., IPsec).
Compared to other network security mechanisms, IPsec offers many
architectural advantages. Firstly, the details of network security are
usually hidden from applications, which therefore automatically and
transparently take advantage of whatever network-layer security
services their environment provides. More importantly, IPsec offers a
remarkable flexibility not possible at higher or lower network layers:
security can be configured end-to-end (protecting traffic between two
hosts), route-to-route (protecting traffic passing over a particular
set of links), edge-to-edge (protecting traffic as it passes between
"trusted" networks via an "untrusted" one, subsuming many of the
current functions performed by network firewalls), or in any other
configuration in which network nodes can be identified as appropriate
security endpoints. However, a perception of complexity and
reduced performance have acted as deterring factors in its deployment
and use. The former point is being addressed by new APIs and
refinement of administrative interfaces that make configuration and
use of IPsec easier. However, the performance issue has not received
adequate examination.
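Two of the configurations named above, end-to-end and edge-to-edge, expressed in OpenBSD's ipsec.conf(5) syntax. This is an added illustration and not part of the original paper, which predates ipsec.conf; the addresses (RFC 5737 documentation ranges), the choice of AES-128 with HMAC-SHA2-256, and the pre-shared key are placeholder assumptions:

```conf
# Added example, not from the paper. End-to-end: ESP in transport mode
# between two hosts, so only the two endpoints participate in the SA.
ike esp transport from 192.0.2.10 to 192.0.2.20 \
	quick auth hmac-sha2-256 enc aes-128 \
	psk "placeholder-psk-replace-me"

# Edge-to-edge: ESP in tunnel mode between two security gateways. Traffic
# between the two private networks is encapsulated while it crosses the
# untrusted network; hosts inside either network need no IPsec of their own.
# 203.0.113.2 is the assumed address of the remote gateway.
ike esp tunnel from 10.1.0.0/24 to 10.2.0.0/24 peer 203.0.113.2 \
	quick auth hmac-sha2-256 enc aes-128 \
	psk "placeholder-psk-replace-me"
```

The first rule fits the host-to-host measurements this paper describes; the second is the gateway topology that subsumes firewall-style protection of a site. `ipsecctl -n -f /etc/ipsec.conf` checks the file without loading it, and `ipsecctl -sa` shows the flows and SAs once installed, which is the quickest way to confirm that traffic is actually being protected in the intended mode rather than passing in the clear.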
In this paper, we investigate the performance of IPsec using micro- and macro-benchmarks. Our tests are designed to explore how the various modes and encryption algorithms affect its performance, to measure the benefits of using hardware accelerators to assist the IPsec cryptographic framework, and finally to compare IPsec against other secure transfer mechanisms, such as SSL, scp(1), and sftp(1). We use the OpenBSD operating system as our experimental platform, because of its support for cryptographic hardware accelerators and its native IPsec implementation [9].