Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
2002 FREENIX Track Technical Program - Abstract

A Study of the Relative Costs of Network Security Protocols

Stefan Miltchev, Sotiris Ioannidis, University of Pennsylvania; Angelos D. Keromytis, Columbia University


While the benefits of using IPsec to solve a significant number of network security problems are well known and its adoption is gaining ground, very little is known about the communication overhead that it introduces. Quantifying this overhead will make users aware of the price of the added security, and will assist them in making well-informed IPsec deployment decisions.

In this paper, we investigate the performance of IPsec using micro- and macro-benchmarks. Our tests explore how the various modes of operation and encryption algorithms affect its performance and the benefits of using cryptographic hardware to accelerate IPsec processing. Finally, we compare against other secure data transfer mechanisms, such as SSL, scp(1), and sftp(1).

  • View the full text of this paper in HTML, PDF, and Postscript.
    The Proceedings are published as a collective work, © 2002 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.

  • If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.

  • To become a USENIX Member, please see our Membership Information.
?Need help? Use our Contacts page.

Last changed: 16 May 2002 ml
Technical Program
Conference index