| Peer-Reviewed

Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols

Received: 4 July 2015     Accepted: 13 July 2015     Published: 25 July 2015
Views:       Downloads:
Abstract

IPsec, an internet layer three-security protocol suite is often characterised with introducing an additional space and processing overhead when implemented on a network for secured communication using either IPv4 or IPv6. The use of IPsec on IPv4 is an alternative that offers solutions and addresses the security vulnerabilities in network layer of the OSI and TCP/IP protocol stack. In IPv6, IPsec is one among many other features added to the earlier internet protocol to enhance efficiency and security. Analysis in this research aim at observing the effect of additional space overhead incurred by internet protocols version 4 and 6 (IPv4, IPv6) as a result of selected IPsec configuration in relation to payload size in transport and tunnel mode of IPsec. It was observed that the cost of IPsec added overhead is relatively small when smaller packet sizes are involved for both protocols comparison with large packet sizes that were IPsec protected with the same configuration as the smaller packet, unless in the cases whereby the packet was very large which has to be fragmented. It is therefore, a guide for network administrators to trade up between processing cost and larger address space among other improvements specifically for transmission involving larger IP packets.

Published in Communications (Volume 3, Issue 1)
DOI 10.11648/j.com.20150301.12
Page(s) 11-23
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2015. Published by Science Publishing Group

Keywords

IPv4, IPv6, IPsec, Transport Mode, Tunnel Mode

References
[1] Cheng Min (2011) Research On network Security Based on IPv6 Architecture. 2011 international Conference on Electronics and Optoelectrnics (ICEOE 2011) (PP 1-3) Institute of Electrical Electronics Engineers (IEEE Xplore Digital Library).
[2] Christos Xenakis, Nikolaos Laoutaris, Lazaros Merakos, Ioannis Stavrakakis (2006) A generic characteristics of the overheads imposed by IPSec and associated cryptographic algorithms. ScienceDirect computer networks 50 (2006) 3225-3241
[3] George C. Hadjichristofi Nathaniel J. Davis, IVScott F. Midkiff (2003) IPSec Overhead in Wireline and Wireless Networks for Web and Email Applications.(PP 1-5) IEEE Institute of Electrical Electronics Engineers (IEEEXplore Digital Library).
[4] Eastlake 3rd D. Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) IETF RFC 4305 (December 2005)
[5] J. C. Lin, C. T. Chang and W. T. Chung, (2003) “Design, Implementation and Performance Evaluation of IP-VPN”, In Proc.of AINA 2003, pp. 206 - 209,.
[6] J. Klaue and A. Hess, “On the Impact of IPSec on Interactive Communications” (2005) In Proc. of IPDPS 2005, 8 pp.,
[7] Meenakshi S. P, Raghavan S.V(2006) Impact of IPSec Overhead on Web Application Servers.(PP1-6) Institute of Electrical Electronics Engineers (IEEE Xplore Digital Library).
[8] Mujinga M.H, Muyingi G.S.V.R, Krishna R (2006) IPSec Overhead Analysis in Dual Stack IPv4/IPv6 Transition Mechanisms. (PP 1-6) Institute of Electrical Electronics Engineers (IEEE Xplore Digital Library).
[9] O. Elkeelany, M.M.Matalgah, K.P. Sheikh, G. Chaudhry, D. Medhi and J. Qaddour, (2002)“Performance Analysis of IPSec Protocol: Encryption and Authentication”, In Proc. of IEEE Communication Conference ICC2002, Vol. 2, pp. 1164-1168.
[10] Seiji ARIGA, Masaki MINAMI, Hiroshi ESAKI and Jun MURAI, (2000) “Performance Evaluation of Data Transmission Using IPSec over IPv6 Networks”, In Proc. of the 10th Annual Internet Society Conference (INET 2000), Yokohama, Japan.
[11] Todd Lammle (2010) Cisco Certified Network Associate. Wiley Publishing. Inc USA
[12] Wenhong Liu, Zhen Jiang, Hongke Zhang (2006). A Secure Mobile-IPv6 Network Model. ICWMMN 2006 Proceedings (PP 1-4)
Cite This Article
  • APA Style

    Muhammed Nura Yusuf, Ali Mohammed Baba. (2015). Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols. Communications, 3(1), 11-23. https://doi.org/10.11648/j.com.20150301.12

    Copy | Download

    ACS Style

    Muhammed Nura Yusuf; Ali Mohammed Baba. Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols. Communications. 2015, 3(1), 11-23. doi: 10.11648/j.com.20150301.12

    Copy | Download

    AMA Style

    Muhammed Nura Yusuf, Ali Mohammed Baba. Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols. Communications. 2015;3(1):11-23. doi: 10.11648/j.com.20150301.12

    Copy | Download

  • @article{10.11648/j.com.20150301.12,
      author = {Muhammed Nura Yusuf and Ali Mohammed Baba},
      title = {Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols},
      journal = {Communications},
      volume = {3},
      number = {1},
      pages = {11-23},
      doi = {10.11648/j.com.20150301.12},
      url = {https://doi.org/10.11648/j.com.20150301.12},
      eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.com.20150301.12},
      abstract = {IPsec, an internet layer three-security protocol suite is often characterised with introducing an additional space and processing overhead when implemented on a network for secured communication using either IPv4 or IPv6. The use of IPsec on IPv4 is an alternative that offers solutions and addresses the security vulnerabilities in network layer of the OSI and TCP/IP protocol stack. In IPv6, IPsec is one among many other features added to the earlier internet protocol to enhance efficiency and security. Analysis in this research aim at observing the effect of additional space overhead incurred by internet protocols version 4 and 6 (IPv4, IPv6) as a result of selected IPsec configuration in relation to payload size in transport and tunnel mode of IPsec. It was observed that the cost of IPsec added overhead  is relatively small when smaller packet sizes are involved for both protocols comparison with large packet sizes that were IPsec protected with the same configuration as the smaller packet, unless in the cases whereby the packet was very large which has to be fragmented. It is therefore, a guide for network administrators to trade up between processing cost and larger address space among other improvements specifically for transmission involving larger IP packets.},
     year = {2015}
    }
    

    Copy | Download

  • TY  - JOUR
    T1  - Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols
    AU  - Muhammed Nura Yusuf
    AU  - Ali Mohammed Baba
    Y1  - 2015/07/25
    PY  - 2015
    N1  - https://doi.org/10.11648/j.com.20150301.12
    DO  - 10.11648/j.com.20150301.12
    T2  - Communications
    JF  - Communications
    JO  - Communications
    SP  - 11
    EP  - 23
    PB  - Science Publishing Group
    SN  - 2328-5923
    UR  - https://doi.org/10.11648/j.com.20150301.12
    AB  - IPsec, an internet layer three-security protocol suite is often characterised with introducing an additional space and processing overhead when implemented on a network for secured communication using either IPv4 or IPv6. The use of IPsec on IPv4 is an alternative that offers solutions and addresses the security vulnerabilities in network layer of the OSI and TCP/IP protocol stack. In IPv6, IPsec is one among many other features added to the earlier internet protocol to enhance efficiency and security. Analysis in this research aim at observing the effect of additional space overhead incurred by internet protocols version 4 and 6 (IPv4, IPv6) as a result of selected IPsec configuration in relation to payload size in transport and tunnel mode of IPsec. It was observed that the cost of IPsec added overhead  is relatively small when smaller packet sizes are involved for both protocols comparison with large packet sizes that were IPsec protected with the same configuration as the smaller packet, unless in the cases whereby the packet was very large which has to be fragmented. It is therefore, a guide for network administrators to trade up between processing cost and larger address space among other improvements specifically for transmission involving larger IP packets.
    VL  - 3
    IS  - 1
    ER  - 

    Copy | Download

Author Information
  • Department of Mathematical Sciences, Faculty of Science, Abubakar Tafawa Balewa University Bauchi

  • Department of Mathematical Sciences, Faculty of Science, Abubakar Tafawa Balewa University Bauchi

  • Sections