Bandwidth-IPSec security trade-off in IPv4 and IPv6 in Windows 7 environment

Due to overheads of security algorithms used in IPSec, transferring data using IPSec is known to be significantly slow compared with open system. In this paper, we present new results on performance of IPSec using 7 encryption systems for both IPv4 and IPv6 using Windows 7 and wireless network access. For the system studied, enabling IPSec results in approximately 60%(IPv4) and 48%s(IPv6) lessTCP throughput compared to open system. Among encryption mechanisms, 3DES-SHA provides the highest TCP bandwidth for IPv4, while 3DES-MD5 gives the best result for IPv6. We also provide the results for UDP.

[1]  Wei Qu,et al.  IPSec-based secure wireless virtual private network , 2002, MILCOM 2002. Proceedings.

[2]  Sherali Zeadally,et al.  Comparison of end-system IPv6 protocol stacks , 2004 .

[3]  Peng Li,et al.  Evaluating IPv6 in Peer-to-Peer 802.11n Wireless LANs , 2011, IEEE Internet Computing.

[4]  Sherali Zeadally,et al.  Evaluating IPv6 on Windows and Solaris , 2003, IEEE Internet Comput..

[5]  Shaneel Narayan,et al.  Network Performance Analysis of VPN Protocols: An Empirical Comparison on Different Operating Systems , 2009, 2009 International Conference on Networks Security, Wireless Communications and Trusted Computing.

[6]  Refik Molva,et al.  Internet security architecture , 1999, Comput. Networks.

[7]  Ashfaq A. Khokhar,et al.  Virtual private networks: an overview with performance evaluation , 2004, IEEE Communications Magazine.

[8]  Rahmat Budiarto,et al.  Improving the performance of IPv6 packet transmission over LAN , 2009, 2009 IEEE Symposium on Industrial Electronics & Applications.

[9]  Khaled Shuaib,et al.  Impact of IPSec on the Performance of the IEEE 802.16 Wireless Networks , 2008, 2008 New Technologies, Mobility and Security.

[10]  Nilufar Baghaei,et al.  IEEE 802.11 wireless LAN security performance using multiple clients , 2004, Proceedings. 2004 12th IEEE International Conference on Networks (ICON 2004) (IEEE Cat. No.04EX955).

[11]  Jin-Cherng Lin,et al.  Design, implementation and performance evaluation of IP-VPN , 2003, 17th International Conference on Advanced Information Networking and Applications, 2003. AINA 2003..