{"title":"实现万兆VPN加速板","authors":"Ki Hyun Kim, Jang-Hee Yoo, K. Chung","doi":"10.1109/ICACT.2006.206281","DOIUrl":null,"url":null,"abstract":"This paper proposes a VPN accelerator board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). The TCSS supports safety communication channel between security nodes in Internet. It furnishes authentication, confidentiality, integrity, and access control to the security node to transmit data packets with IPsec protocol. TCSS consists of Internet key exchange block, and security association block, IPsec engine block. The Internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by HAV and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645 Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode","PeriodicalId":247315,"journal":{"name":"2006 8th International Conference Advanced Communication Technology","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Implementation of 10 Giga VPN accelerator board\",\"authors\":\"Ki Hyun Kim, Jang-Hee Yoo, K. Chung\",\"doi\":\"10.1109/ICACT.2006.206281\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This paper proposes a VPN accelerator board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). The TCSS supports safety communication channel between security nodes in Internet. It furnishes authentication, confidentiality, integrity, and access control to the security node to transmit data packets with IPsec protocol. TCSS consists of Internet key exchange block, and security association block, IPsec engine block. The Internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by HAV and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645 Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode\",\"PeriodicalId\":247315,\"journal\":{\"name\":\"2006 8th International Conference Advanced Communication Technology\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 8th International Conference Advanced Communication Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICACT.2006.206281\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 8th International Conference Advanced Communication Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICACT.2006.206281","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
This paper proposes a VPN accelerator board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). The TCSS supports safety communication channel between security nodes in Internet. It furnishes authentication, confidentiality, integrity, and access control to the security node to transmit data packets with IPsec protocol. TCSS consists of Internet key exchange block, and security association block, IPsec engine block. The Internet key exchange block negotiates crypto algorithm and key used in IPsec engine block. Security association blocks setting-up and manages security association information. IPsec engine block treats IPsec packets and consists of networking functions for communication. The IPsec engine block should be embodied by HAV and in-line mode transaction for high speed IPsec processing. Our VPN-AB is implemented with high speed security processor that supports many cryptographic algorithms and in-line mode. We evaluate a small TCSS communication environment, and measure a performance of VPN-AB in the environment. The experiment results show that VPN-AB gets a performance throughput of maximum 15.645 Gbps when we set the IPsec protocol with 3DES-HMAC-MD5 tunnel mode
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
