The Networking Perspective of Security Performance - a Measurement Study

Konferenz: MMB 2006 - 13th GI/ITG Conference Measuring, Modelling and Evaluation of Computer and Communication Systems
27.03.2006 - 29.03.2006 in Nürnberg, Germany

Tagungsband: MMB 2006

Seiten: 17Sprache: EnglischTyp: PDF

Persönliche VDE-Mitglieder erhalten auf diesen Artikel 10% Rabatt

Niedermayer, Heiko; Klenk, Andreas; Carle, Georg (Computer Networks and Internet, University of Tuebingen, 72076 Tuebingen, Germany)

The recent term Quality of Security Services leads directly to the question of the performance impact of security protocols like IPSec and SSL. The impact depends not only on the situation, but also on the configuration. We measured the processing delay and the throughput for implementations of IPSec under Linux with different kernel versions on current computers. Our focus is to cover the effect of the various parameters of IPSec. Most important for the IPSec performance is the choice of the cryptographic algorithms and hash functions. Our measurements indicate that the latter are becoming the bottleneck as fast encryption algorithms like the AES and Blowfish more and more replace the slow 3DES.