IPSec: Performance analysis in IPv4 and IPv6

被引：0

作者：

Thiruvasagam P. ^{[1
]}

Jijo George K. ^{[1
]}

机构：

[1] NEC India Private Limited, India

来源：

Journal of ICT Standardization | 2019年 / 7卷 / 01期

关键词：

3GPP; AES; Authentication; IPSec; IPv6; LTE/SAE; NDS/IP;

D O I：

10.13052/jicts2245-800X.714

中图分类号：

学科分类号：

摘要：

Internet Protocol security (IPSec) is an end-to-end security scheme to provide security at the IP network layer, but this comes with performance implications leading to throughput reduction and resource consumption. In this paper we present a throughput performance analysis of IPSec protocol, for both IPv4 and IPv6, using various cryptographic algorithms as recommended in the standards [13]. In this study we have considered only throughput performance for authenticated encryption algorithms AES-GCM and AES-CCM, encryption algorithms AES-CBC, AES-CTR, and 3DES, and authentication algorithms SHA1, SHA2 and XCBC. The result shows that AES-GCM provides better performance compared to the other recommended algorithms. © 2019 the Author(s). All rights reserved.

引用

页码：59 / 76

页数：17

共 29 条

[1] Kent S., Seo K., Security architecture for the internet protocol, RFC 4301, (2005)
[2] Harkins D., Carrel D., The internet key exchange (IKE), RFC 2409, (1998)
[3] Kaufman C., Et al., Internet key exchange protocol version 2 (IKEV2), RFC, (2014)
[4] Maughan D., Et al., Internet Security Association and Key Management Protocol (ISAKMP), (1998)
[5] Orman H., The OAKLEY Key Determination Protocol, (1998)
[6] Kent S., IP Authentication Header, (2005)
[7] Kent S., IP Encapsulating Security Payload, (2005)
[8] Frankel S., Krishnan S., IP Security (IPSec) and Internet Key Exchange (IKE) Document Roadmap, (2011)
[9] Deering S., Hinden R., Internet Protocol Version 6 (IPv6), (1998)
[10] Deering S., Hinden R., IP Version 6 Addressing Architecture, (2006)

← 1 2 3 →