A generic characterization of the overheads imposed by IPsec and associated cryptographic algorithms

This paper presents an assessment of the communication overheads of IPsec and evaluates the feasibility of deploying it on handheld devices for the UMTS architecture. A wide range of different cryptographic algorithms are used in conjunction with IPsec, such as Data Encryption Standard (DES), Advanced Encryption Standard (AES), Message Digest (MD5) and Secure Hash Algorithm 1 (SHA-1). We consider the processing and packetization overheads introduced by these algorithms and quantify their impact in terms of communication quality (added delay for the end-user) and resource consumption (additional bandwidth on the radio interface). We conduct a quantitive analysis based on a detailed simulation model of an IPsec enabled handheld device. We verify our simulation results by comparing against analytic results obtained from an approximate analytic model.