Reference from ESORICS proceedings

Third European Symposium on Research in Computer Security (ESORICS 94)

Security versus Performance Requirements in Data Communication Systems

Vasilios Zorkadis

Keywords : security, communications performance

Abstract : The research activities in secure computer networks have paid little attention to the tradeoff between security and other quality requirements of the communication service. This paper aims to introduce performance aspects regarding secure computer networks. First we attempt to quantify the tradeoff between security and performance in secure data communication systems by means of queueing theory. Our second target is to reduce the performance degradation caused by the security mechanisms and protocols. For this purpose, optimization concepts are proposed. The key points in the optimization concepts are: preprocessing, messages segmenting and compression. They have to be integrated or considered in secure communication protocols to improve their performance characteristics. Preprocessing aims to exploit the idle periods of the system (e.g., computer or special crypto-chip), to take the stochastic nature of such communication processes into consideration, e.g., using the OFB-mode for generating (pseudo) random bit sequences after connection establishment. Segmenting is proposed for long messages in order to better exploit the pipeline nature of communication systems. Also, compression is discussed as a means to further improve the performance measures of secure communication.

(Pages 19-30)

Proceedings table of contents