Special Issue Paper
Performance evaluation of IKEv2 authentication methods in next generation wireless networks
Article first published online: 13 MAY 2009
Copyright © 2009 John Wiley & Sons, Ltd.
Security and Communication Networks
Special Issue: Special Issue on Security in Next Generation Wireless Networks
Volume 3, Issue 1, pages 83–98, January/February 2010
How to Cite
Faigl, Z., Lindskog, S. and Brunstrom, A. (2010), Performance evaluation of IKEv2 authentication methods in next generation wireless networks. Security Comm. Networks, 3: 83–98. doi: 10.1002/sec.114
- Issue published online: 8 FEB 2010
- Article first published online: 13 MAY 2009
- authentication cost;
- wireless networks;
Secure communications have a key role in future networks and applications. Information security provisions such as authorization, authentication, and encryption must be added to current communications protocols. To accomplish this, each protocol must be reexamined to determine the impact on performance of adding such security services. This paper presents an experimental evaluation of the performance costs of a wide variety of authentication methods over IKEv2 in real and partly emulated scenarios of next generation wireless networks. The studied methods are pre-shared keys (PSKs), extensible authentication protocol (EAP) using MD5, SIM, TTLS-MD5, TLS, and PEAP-MSCHAPv2. For the EAP-based methods, RADIUS is used as the authentication, authorization, and accounting (AAA) server. Different lengths of certificate chains are studied in case of the TLS-based methods, i.e., TTLS-MD5, TLS, and PEAP-MSCHAPv2. The paper first presents a brief overview of the considered authentication methods. Then, a comparison of the costs for message transfers and computations associated with the authentication methods is provided. The measurement results are verified through a simple analysis, and interpreted by discussing the main contributing factors of the costs. The measurement results illustrate the practical costs involved for IKEv2 authentication, and the implications of the use of different methods are discussed. Copyright © 2009 John Wiley & Sons, Ltd.