Journal of information and communication convergence engineering

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지

An IPSec Accelerator for the High-performance Virtual Private Networks

  • Published : 2003.03.01
Download PDF
⟨ Previous Next ⟩

Abstract

A cost efficient IPSec Accelerator board utilizing a crypto chip and an entry-level Linux PC for the high performance VPN is presented in this paper. The IPIP (IP-over-IP tunneling) processing, encryption & decryption processing, HASH processing, and the integrity test functions of IPSec are processed in the IPSec Accelerator board. The proposed IPSec Accelerator has demonstrated successful execution of the required functions of the IPSec packet processing and verified its performance by processing the IPSec packets at the rate of over 1 Gbps.

Keywords

References

  1. T. Braun, M. Kasumi, et al., 'Virtual Private Network Architecture', IAM-99-01, April 1999
  2. J. W. Yoon, Y. K. Kim, D. H. Ryu, 'On a Implementation of High-Speed VPN Gateway with Parallel Architecture', WISC2001, Sept. 2001
  3. J. T. Kim, D. H. Ryu, H. K. Moon, 'A Study on the VPN Gateway Architecture for Speed Acceleration', pp.101-107, Journal of KICS, Vol. 27, No. 8T, Aug. 2002
  4. C. J. C. Pena, J. Evans, 'Performance evaluation of software Virtual Private Networks', 25th Annual IEEE Conference on Local Computer Networks (LCN'00), pp. 522-523, Nov. 2000
  5. J.P. McGregor, R.B. Lee, 'Performance impact of data compression on virtual private network transactions', 25th Annual IEEE Conference on Local Computer Networks (LCN'00), pp.501-510, Nov. 2000
  6. St. Kent, R. Atkinson: Security Architecture for the Internet Protocol; RFC 2401, Nov. 1998
  7. Implementing Virtual Private Networks, Steven Brown, McGraw-Hill, 1999
  8. http://www.cavium.com/products.html