Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
USENIX 2002 Annual Technical Conference, Freenix Track - Paper    [USENIX 2002 Technical Program Index]

next up previous
Next: Introduction

Pp. 41-48 of the Proceedings

A Study of the Relative Costs of Network Security Protocols[*]

Stefan Miltchev
University of Pennsylvania
- Sotiris Ioannidis
University of Pennsylvania
- Angelos D. Keromytis
Columbia University


While the benefits of using IPsec to solve a significant number of network security problems are well known and its adoption is gaining ground, very little is known about the communication overhead that it introduces. Quantifying this overhead will make users aware of the price of the added security, and will assist them in making well-informed IPsec deployment decisions.

In this paper, we investigate the performance of IPsec using micro- and macro-benchmarks. Our tests explore how the various modes of operation and encryption algorithms affect its performance and the benefits of using cryptographic hardware to accelerate IPsec processing. Finally, we compare against other secure data transfer mechanisms, such as SSL, scp(1), and sftp(1).


Stefan Miltchev

This paper was originally published in the Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference, June 10-15, 2002, Monterey Conference Center, Monterey, California, USA.
Last changed: 16 May 2002 ml
Freenix Technical Program
USENIX 2002 Home