Evaluation of security and performance impact of cryptographic and hashing algorithms in site-to-site virtual private networks

Lists

Tomasz Jucha, Grzegorz, Yeboah-Ofori, Abel ORCID: https://orcid.org/0000-0001-8055-9274, Ikenga-Metuh, Chukwuebuka and Ghimire, Yogesh (2025) Evaluation of security and performance impact of cryptographic and hashing algorithms in site-to-site virtual private networks. In: 2024 International Conference on Electrical and Computer Engineering Researches (ICECER), 04-06 Dec 2024, Gaborone, Botswana.

Preview

PDF (PDF/A)
Evaluation of Security and Performance Impact of Cryptographic and Hashing Algorithms in Site-to-Site Virtual Private Networks_accessible.pdf - Accepted Version
Available under License Creative Commons Attribution.
Download (928kB) | Preview

Official URL: https://ieeexplore.ieee.org/abstract/document/1092...

Abstract

The secure and efficient operation of Site-to-Site Virtual Private Networks (VPNs) is critical for modern data transmission, yet the current literature lacks a comprehensive analysis of the trade-offs between security and performance. This paper addresses this gap by evaluating the impact of various cryptographic algorithms and hashing functions on VPN performance. Evaluating the impact of cryptographic algorithms on network performance in a Site-to-Site VPN is essential for determining data transmission efficiency. Several factors, including encryption methods, hashing, bandwidth limitations and others could, influence VPN performance. Further, cyberattacks such as Denial of Service (DoS), Media Access Control (MAC) flooding, and synchronize (SYN) flooding can target VPN infrastructures. Therefore, it is crucial to assess cryptographic algorithms to identify the most suitable ones for different network characteristics and find balance that the end user needs. The paper's contributions are threefold. Firstly, it explores the complex relationship between cryptographic and hashing algorithms and their implications for security and network performance, aiming to enhance Site-to-Site VPN security without compromising efficiency. Secondly, we implement a dynamic VPN configuration tool and conduct performance tests in a virtual environment using Graphical Network Simulator-3 (GNS3) and File Transfer Protocol (FTP), Datafile transfers to measure the impact of various encryption pairs, including Advance Encryption Algorithm (AES), Data Encryption Standard (DES), Triple Data Encryption Standard (3DES), and hashing functions such as Secure Hash Algorithm 2 (SHA2) and Message Digest (MD5). Finally, we assess the resilience of VPNs to specific cyberattacks and evaluate the trade-offs between security and transmission efficiency. The findings show that 3DES with SHA2 offers an acceptable balance between speed and security, making it a solid choice when both are important.

Item Type:	Conference or Workshop Item (Paper)
ISBN:	9798331539733
Identifier:	10.1109/ICECER62944.2024.10920332
Page Range:	pp. 1-6
Identifier:	10.1109/ICECER62944.2024.10920332
Keywords:	Hash functions, Three-dimensional displays, Heuristic algorithms, Threat assessment, Virtual private networks, Encryption, Security, Data communication, Floods, Virtualization
Depositing User:	Abel Yeboah-Ofori
Date Deposited:	22 Apr 2025 09:43
Last Modified:	22 Apr 2025 09:43
URI:	https://repository.uwl.ac.uk/id/eprint/13484

Downloads

Downloads per month over past year

Actions (login required)

View Item

References

A. Yeboah-Ofori, C. K. Agbodza, F. A. Opoku-Boateng, I. Darvishi, and F. Sbai, "Applied cryptography in network systems security for cyberattack prevention," in Proc. 2021 Int. Conf. Cyber Security and Internet of Things (ICS IoT), France, 2021, pp. 43–48, doi: 10.1109/ICSIoT55070.2021.00017.

N. F. Karagiorgos, S. G. Stavrinides, C. de Benito, S. Nikolaidis, and R. Picos, "Unconventional security for IoT: hardware and software implementation of a digital chaotic encrypted communication scheme," Senior Member, IEEE, unpublished.

H. Abbas et al., "Security assessment and evaluation of VPNs: a comprehensive survey," ACM Comput. Surv., vol. 55, no. 13s, Article 273, Jul. 2023, 47 pages, doi: 10.1145/3579162.

A. Yeboah-Ofori and A. Ganiyu, "Big data security using RSA algorithms in a VPN domain," in Proc. 2024 Int. Conf. Artificial Intelligence, Computer, Data Sciences and Applications (ACDSA), Victoria, Seychelles, 2024, pp. 1–6, doi: 10.1109/ACDSA59508.2024.10467364.

A. A. Ajiya, U. S. Idriss, and J. M. G., "Performance evaluation of IPSEC-VPN on Debian Linux environment," Int. J. Comput. Appl., vol. 181, no. 45, p. 39, Mar. 2019.

S. T. Aung and T. Thein, "Comparative analysis of site-to-site layer 2 virtual private networks," University of Computer Studies, Yangon, and University of Computer Studies (Maubin), unpublished.

S. Asare, W. Yaokumah, E. B. B. Gyebi, and J.-D. Abdulai, "Evaluating the impact of cryptographic algorithms on network performance," Int. J. Comput. Appl. Commun., vol. 12, no. 1, pp. 1–15, 2022.

H. M. Marah, J. R. Khalil, and A. Elarabi, "DMVPN network performance based on dynamic routing protocols and basic IPsec encryption," in Proc. 3rd Int. Conf. Electrical, Comm. Comput. Eng. (ICECCE), Kuala Lumpur, Malaysia, Jun. 2021.

F. Thabit, S. Alhomdy, and S. Jagtap, "Security analysis and performance evaluation of a new lightweight cryptographic algorithm for cloud computing environment," unpublished.

M. M. Abu-Faraj and Z. A. Alqadi, "Improving the efficiency and scalability of standard methods for data cryptography," IJCSNS Int. J. Comput. Sci. Netw. Secur., vol. 21, no. 12, p. 451, Dec. 2021.

A. Yeboah-Ofori, I. Darvishi, and A. S. Opeyemi, "Enhancement of big data security in cloud computing using RSA algorithm," in Proc. 2023 10th Int. Conf. Future Internet of Things and Cloud (FiCloud), Marrakesh, Morocco, 2023, pp. 312–319, doi: 10.1109/FiCloud58648.2023.00053.

N. Al-Hadhrami, M. Collinson, and N. Oren, "A subjective network approach for cybersecurity risk assessment," in Proc. 13th Int. Conf. Security of Information and Networks (SIN2020), B. Ors and A. Elci, Eds., 2020, pp. 1–8, doi: 10.1145/3433174.3433175.

Broadcom Inc., "Broadcom: Leading semiconductor and infrastructure software solutions,".

P. Patil, P. Narayankar, D. G. Narayan, and S. M. Meena, "A comprehensive evaluation of cryptographic algorithms: DES, 3DES, AES, RSA, and Blowfish," Procedia Comput. Sci., vol. 78, pp. 617–624, 2016, doi: 10.1016/j.procs.2016.02.108.

D. Rihan, A. Salih, S. Eldin, and F. Osman, "A performance comparison of encryption algorithms AES and DES," unpublished, 2015.

K. C. Chan, "Integration of physical equipment and simulators for on-campus and online delivery of practical networking labs," Tech. Rep. CSIT 20151002, La Trobe University, Bendigo, Australia, Oct. 2015.

R. Mohtasin, P. W. C. Prasad, A. Alsadoon, G. Zajko, A. Elchouemi, and A. Singh, "Development of a virtualized networking lab using GNS3 and VMware workstation," in Proc. 2016 Int. Conf. Wireless Communications, Signal Processing and Networking

A. P. Parkar, M. N. Gedam, N. Ansari, and S. Therese, "Performance level evaluation of cryptographic algorithms," in Intelligent Computing and Networking, vol. 146, 2021, ISBN: 978-981-15-7420-7.

Tools

CORE (COnnecting REpositories)

The University of West London

Evaluation of security and performance impact of cryptographic and hashing algorithms in site-to-site virtual private networks

Abstract

Downloads

Actions (login required)

Menu