Volume 3, Issue 1, January 2015, Page: 11-23
Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols
Muhammed Nura Yusuf, Department of Mathematical Sciences, Faculty of Science, Abubakar Tafawa Balewa University Bauchi
Ali Mohammed Baba, Department of Mathematical Sciences, Faculty of Science, Abubakar Tafawa Balewa University Bauchi
Received: Jul. 4, 2015;       Accepted: Jul. 13, 2015;       Published: Jul. 25, 2015
DOI: 10.11648/j.com.20150301.12      View  3413      Downloads  44
Abstract
IPsec, an internet layer three-security protocol suite is often characterised with introducing an additional space and processing overhead when implemented on a network for secured communication using either IPv4 or IPv6. The use of IPsec on IPv4 is an alternative that offers solutions and addresses the security vulnerabilities in network layer of the OSI and TCP/IP protocol stack. In IPv6, IPsec is one among many other features added to the earlier internet protocol to enhance efficiency and security. Analysis in this research aim at observing the effect of additional space overhead incurred by internet protocols version 4 and 6 (IPv4, IPv6) as a result of selected IPsec configuration in relation to payload size in transport and tunnel mode of IPsec. It was observed that the cost of IPsec added overhead is relatively small when smaller packet sizes are involved for both protocols comparison with large packet sizes that were IPsec protected with the same configuration as the smaller packet, unless in the cases whereby the packet was very large which has to be fragmented. It is therefore, a guide for network administrators to trade up between processing cost and larger address space among other improvements specifically for transmission involving larger IP packets.
Keywords
IPv4, IPv6, IPsec, Transport Mode, Tunnel Mode
To cite this article
Muhammed Nura Yusuf, Ali Mohammed Baba, Investigating Space Overhead by IPSec on IPv4 and IPv6 Communication Protocols, Communications. Vol. 3, No. 1, 2015, pp. 11-23. doi: 10.11648/j.com.20150301.12
Reference
[1]
Cheng Min (2011) Research On network Security Based on IPv6 Architecture. 2011 international Conference on Electronics and Optoelectrnics (ICEOE 2011) (PP 1-3) Institute of Electrical Electronics Engineers (IEEE Xplore Digital Library).
[2]
Christos Xenakis, Nikolaos Laoutaris, Lazaros Merakos, Ioannis Stavrakakis (2006) A generic characteristics of the overheads imposed by IPSec and associated cryptographic algorithms. ScienceDirect computer networks 50 (2006) 3225-3241
[3]
George C. Hadjichristofi Nathaniel J. Davis, IVScott F. Midkiff (2003) IPSec Overhead in Wireline and Wireless Networks for Web and Email Applications.(PP 1-5) IEEE Institute of Electrical Electronics Engineers (IEEEXplore Digital Library).
[4]
Eastlake 3rd D. Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH) IETF RFC 4305 (December 2005)
[5]
J. C. Lin, C. T. Chang and W. T. Chung, (2003) “Design, Implementation and Performance Evaluation of IP-VPN”, In Proc.of AINA 2003, pp. 206 - 209,.
[6]
J. Klaue and A. Hess, “On the Impact of IPSec on Interactive Communications” (2005) In Proc. of IPDPS 2005, 8 pp.,
[7]
Meenakshi S. P, Raghavan S.V(2006) Impact of IPSec Overhead on Web Application Servers.(PP1-6) Institute of Electrical Electronics Engineers (IEEE Xplore Digital Library).
[8]
Mujinga M.H, Muyingi G.S.V.R, Krishna R (2006) IPSec Overhead Analysis in Dual Stack IPv4/IPv6 Transition Mechanisms. (PP 1-6) Institute of Electrical Electronics Engineers (IEEE Xplore Digital Library).
[9]
O. Elkeelany, M.M.Matalgah, K.P. Sheikh, G. Chaudhry, D. Medhi and J. Qaddour, (2002)“Performance Analysis of IPSec Protocol: Encryption and Authentication”, In Proc. of IEEE Communication Conference ICC2002, Vol. 2, pp. 1164-1168.
[10]
Seiji ARIGA, Masaki MINAMI, Hiroshi ESAKI and Jun MURAI, (2000) “Performance Evaluation of Data Transmission Using IPSec over IPv6 Networks”, In Proc. of the 10th Annual Internet Society Conference (INET 2000), Yokohama, Japan.
[11]
Todd Lammle (2010) Cisco Certified Network Associate. Wiley Publishing. Inc USA
[12]
Wenhong Liu, Zhen Jiang, Hongke Zhang (2006). A Secure Mobile-IPv6 Network Model. ICWMMN 2006 Proceedings (PP 1-4)
Browse journals by subject