论文信息 - Performance analysis of IPSec protocol: encryption and authentication

Performance analysis of IPSec protocol: encryption and authentication

IPSec provides two types of security algorithms, symmetric encryption algorithms (e.g. data encryption standard DES) for encryption, and one-way hash functions (e.g., message digest MD5 and secured hash algorithm SHA1) for authentication. This paper presents performance analysis and comparisons between these algorithms in terms of time complexity and space complexity. Parameters considered are processing power and input size. The analysis results revealed that HMAC-MD5 can be sufficient for the authentication purposes rather than using the more complicated HMAC-SHA1 algorithm. In encryption applications, authentication should be combined with DES.

[1] Ralph Howard,et al. Data encryption standard , 1987 .

[2] Ronald L. Rivest,et al. The MD5 Message-Digest Algorithm , 1992, RFC.

[3] James H. Burrows,et al. Secure Hash Standard , 1995 .

[4] Randall J. Atkinson,et al. IP Encapsulating Security Payload (ESP) , 1995, RFC.

[5] Hugo Krawczyk,et al. HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[6] Stephen T. Kent,et al. Security Architecture for the Internet Protocol , 1998, RFC.

[7] Hugo Krawczyk,et al. A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[8] Cheryl Madson,et al. The Use of HMAC-MD5-96 within ESP and AH , 1998, RFC.

[9] Cheryl Madson,et al. The ESP DES-CBC Cipher Algorithm With Explicit IV , 1998, RFC.

[10] Cheryl Madson,et al. The Use of HMAC-SHA-1-96 within ESP and AH , 1998, RFC.