The Networking Perspective of Security Performance - a Measurement Study

Conference: MMB 2006 - 13th GI/ITG Conference Measuring, Modelling and Evaluation of Computer and Communication Systems
03/27/2006 - 03/29/2006 at Nürnberg, Germany

Proceedings: MMB 2006

Pages: 17Language: englishTyp: PDF

Personal VDE Members are entitled to a 10% discount on this title

Authors:
Niedermayer, Heiko; Klenk, Andreas; Carle, Georg (Computer Networks and Internet, University of Tuebingen, 72076 Tuebingen, Germany)

Abstract:
The recent term Quality of Security Services leads directly to the question of the performance impact of security protocols like IPSec and SSL. The impact depends not only on the situation, but also on the configuration. We measured the processing delay and the throughput for implementations of IPSec under Linux with different kernel versions on current computers. Our focus is to cover the effect of the various parameters of IPSec. Most important for the IPSec performance is the choice of the cryptographic algorithms and hash functions. Our measurements indicate that the latter are becoming the bottleneck as fast encryption algorithms like the AES and Blowfish more and more replace the slow 3DES.