|
USENIX 2002 Annual Technical Conference, Freenix Track - Paper
[USENIX 2002 Technical Program Index]
Next: Introduction
| Pp. 41-48 of the Proceedings |  |
A Study of the Relative Costs of Network Security
Protocols![[*]](/legacy/usr/local/lib/latex2html/icons.gif/foot_motif.gif)
Stefan Miltchev
miltchev@dsl.cis.upenn.edu
University of Pennsylvania
-
Sotiris Ioannidis
sotiris@dsl.cis.upenn.edu
University of Pennsylvania
-
Angelos D. Keromytis
angelos@cs.columbia.edu
Columbia University
Abstract:
While the benefits of using IPsec to solve a significant number of
network security problems are well known and its adoption is gaining
ground, very little is known about the communication overhead that it
introduces. Quantifying this overhead will make users aware of the
price of the added security, and will assist them in making
well-informed IPsec deployment decisions.
In this paper, we investigate the performance of IPsec using micro-
and macro-benchmarks. Our tests explore how the various modes of
operation and encryption algorithms affect its performance and the
benefits of using cryptographic hardware to accelerate IPsec
processing. Finally, we compare against other secure data transfer
mechanisms, such as SSL, scp(1), and sftp(1).
Stefan Miltchev
4/17/2002
| 
