Analysis of IPSec Performance

Document type: Conference Papers
Peer reviewed: Yes
Author(s): Henric Johnson, Babar Qaisrani, Markus Fiedler, Felix Wu, Arne A. Nilsson
Title: Analysis of IPSec Performance
Conference name: Promote IT 2005
Year: 2005
ISBN: 91-44-03875-5
Publisher: Studentlitteratur
City: Lund
Organization: Blekinge Institute of Technology
Department: School of Engineering - Dept. of Telecommunication Systems (Sektionen för teknik – avd. för telekommunikationssystem)
School of Engineering S- 372 25 Ronneby
+46 455 38 50 00
Authors e-mail:
Language: English
Abstract: In this paper we present the results of an experimental analysis of IPSec performance.
IPSec serves as a security service to protect a communication session over unreliable networks using several cryptographic functions. The different IPSec features used to obtain confidentiality, authentication, replay protection, and integrity introduce performance costs brought about by the increased processing overhead.
The performance parameters of interest are delay and throughput. However, there is a tradeoff between performance and security. The results of the performance tests indicate the vulnerability of a Denial-of-Service attack against a gateway running IPSec due to resource exhaustion.
Subject: Telecommunications\Network Security