Proceedings ArticleDOI
Performance impact of data compression on virtual private network transactions
John P. McGregor,Ruby B. Lee +1 more
- pp 500-510
TLDR
This work uses a system model for IPsec transactions to derive an inequality that specifies the conditions required for data compression to improve performance, and generates performance results for many combinations of network types, data types, packet sizes, and encryption, authentication and compression algorithms.Abstract:
Virtual private networks (VPNs) allow two or more parties to communicate securely over a public network. Using cryptographic algorithms and protocols, VPNs provide security services such as confidentiality, host authentication and data integrity. The computation required to provide adequate security, however, can significantly degrade the performance. We characterize the extent to which data compression can alleviate this performance problem in a VPN implemented with the IP Security Protocol (IPsec). We use a system model for IPsec transactions to derive an inequality that specifies the conditions required for data compression to improve performance. We generate performance results for many combinations of network types, data types, packet sizes, and encryption, authentication and compression algorithms. We find that compression usually improves the performance when using 10 Mbps or slower networks, but compression only improves the performance in systems with 100 Mbps or 1 Gbps networks when using computationally intensive encryption algorithms.read more
Citations
More filters
Patent
System and methods for accelerated data storage and retrieval
TL;DR: In this paper, a data storage and retrieval accelerator is proposed to reduce the time required to store and retrieve data from computer to disk, in conjunction with random access memory, in a display controller, and/or in an input/output controller.
Journal ArticleDOI
A Novel Sensory Data Processing Framework to Integrate Sensor Networks With Mobile Cloud
TL;DR: A novel sensory data processing framework is proposed, which aims at transmitting desirable sensory data to the mobile users in a fast, reliable, and secure manner and further decreases the storage and processing overhead of the cloud, while enabling mobile users to securely obtain their desired sensory data faster.
Journal ArticleDOI
Virtual private networks: an overview with performance evaluation
S. Khanvilkar,Ashfaq Khokhar +1 more
TL;DR: There is no single OSLV solution that excels in all considered aspects, and a combination of different VPN products and/or trade-off among desired characteristics may be required to deliver optimal performance.
Journal ArticleDOI
Optimizing the energy consumed by secure wireless sessions: wireless transport layer security case study
Ramesh Karri,Piyush Mishra +1 more
TL;DR: This paper developed techniques based on information compression, session negotiation protocol optimization and hardware acceleration of crypto-mechanisms to reduce the energy consumed by a secure session.
Proceedings ArticleDOI
A single-chip IPSEC cryptographic processor
M. McLoone,John V. McCanny +1 more
TL;DR: A novel single-chip hardware IPSec cryptographic design is described, which comprises the Rijndael encryption algorithm and HMAC-SHA-1 authentication algorithm, and is capable of supporting any application requiring authentication and/or encryption.
References
More filters
Security Architecture for the Internet Protocol
TL;DR: This document describes an updated version of the "Security Architecture for IP", which is designed to provide security services for traffic at the IP layer, and obsoletes RFC 2401 (November 1998).
HMAC: Keyed-Hashing for Message Authentication
TL;DR: This document describes HMAC, a mechanism for message authentication using cryptographic hash functions that can be used with any iterative cryptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared key.
Internet Protocol, Version 6 (IPv6) Specification
S. Deering,R. Hinden +1 more
TL;DR: In this paper, the authors specify version 6 of the Internet Protocol (IPv6), also referred to as IP Next Generation or IPng, and propose a new protocol called IPng.
Internet Protocol
TL;DR: Along with TCP, IP represents the heart of the Internet protocols and has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of data links to support data links with different maximum transmission unit (MTU) sizes.