DTLS Performance - How Expensive is Security?

April 25, 2019 · Entered Twilight · 🏛 arXiv.org

"No code URL or promise found in abstract"
"Code repo scraped from project page (backfill)"

Evidence collected by the PWNC Scanner

Repo contents: .gitignore, .gitmodules, CMakeLists.txt, Doxyfile, LICENSE, README.md, bind-interfaces.sh, build.sh, build, doc, examples, flows, interface, libmoon, log, lua, moongen-simple, ratecontrol.md, rfc2544, setup-hugetlbfs.sh, src, test

Authors Sebastian Gallenmüller, Dominik Schöffmann, Dominik Scholz, Fabien Geyer, Georg Carle arXiv ID 1904.11423 Category cs.NI: Networking & Internet Cross-listed cs.CR, cs.PF Citations 6 Venue arXiv.org Repository https://github.com/dschoeffm/MoonGen Last Checked 1 month ago

Abstract

Secure communication is an integral feature of many Internet services. The widely deployed TLS protects reliable transport protocols. DTLS extends TLS security services to protocols relying on plain UDP packet transport, such as VoIP or IoT applications. In this paper, we construct a model to determine the performance of generic DTLS-enabled applications. Our model considers basic network characteristics, e.g., number of connections, and the chosen security parameters, e.g., the encryption algorithm in use. Measurements are presented demonstrating the applicability of our model. These experiments are performed using a high-performance DTLS-enabled VPN gateway built on top of the well-established libraries DPDK and OpenSSL. This VPN solution represents the most essential parts of DTLS, creating a DTLS performance baseline. Using this baseline the model can be extended to predict even more complex DTLS protocols besides the measured VPN. Code and measured data used in this paper are publicly available at https://git.io/MoonSec and https://git.io/Sdata.