Research on High Performance IPSec VPN Technology Based on National Cryptographic Algorithms

Research on High Performance IPSec VPN Technology Based on National Cryptographic Algorithms

연구 분야: Cryptography

학회: CECCT '23: Proceedings of the 2023 International Conference on Electronics, Computers and Communication Technology

IPSec VPN is a virtual private network technology to build secure connections between remote hosts using the IPSec protocol. Aiming at the problem that the national cryptographic algorithm is relatively less applied to network security products, a high-performance system based on the strongSwan framework equipment is designed. In this paper, we combine an advanced vector packet processing program (VPP) and a data plane development kit (DPDK) to propose an IPSec VPN security system with national secret algorithms. The experimental and analysis results show that the system can reach 60Gbps for IPSec using SM4-128CBC-SM3 algorithm, which improves by 200% compared to DVG system and 55% by single core processor. And it is proved that the architecture designed in this paper has high network encryption performance and can effectively prevent data leakage. In addition, the effectiveness of the architecture in terms of network delay and network load is verified.