Transmission Control Protocol (TCP) was originally designed for wired networks. Many compatibility problems exist when it is applied to wireless environments, and hence it needs to undergo modifications. Currently, th...Transmission Control Protocol (TCP) was originally designed for wired networks. Many compatibility problems exist when it is applied to wireless environments, and hence it needs to undergo modifications. Currently, there are several TCP performance enhancement techniques for application of TCP in wireless environments, but all of them conflict with IPsec. This paper not only analyzes these conflicts, but also proposes 4 solutions: replacing IPsec with Transport Layer Security/Secure Socket Layer (TLS/SSL) protocol, adopting the extended Encapsulating Security Payload (ESP) protocol, segmenting the TCP route, and modifying the end-to-end protection mode of IPsec. It also presents their strengths and weaknesses.展开更多
IPsec has become an important supplement of IP to provide security protection. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide the address accountability. We propose ...IPsec has become an important supplement of IP to provide security protection. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide the address accountability. We propose the self-trustworthy and secure Internet protocol(T-IP) for authenticated and encrypted network layer communications. T-IP has the following advantages:(1) Self-Trustworthy IP address.(2) Low connection latency and transmission overhead.(3) Reserving the important merit of IP to be stateless.(4) Compatible with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance to the known session key attack of our security-enhanced shared secret key calculation. Moreover, we analyse the possibility of the application of T-IP, including its resilience against the man-in-the-middle attack and Do S attack. The evaluation shows that T-IP has a much lower transmission overhead and connection latency compared with IPsec.展开更多
文摘Transmission Control Protocol (TCP) was originally designed for wired networks. Many compatibility problems exist when it is applied to wireless environments, and hence it needs to undergo modifications. Currently, there are several TCP performance enhancement techniques for application of TCP in wireless environments, but all of them conflict with IPsec. This paper not only analyzes these conflicts, but also proposes 4 solutions: replacing IPsec with Transport Layer Security/Secure Socket Layer (TLS/SSL) protocol, adopting the extended Encapsulating Security Payload (ESP) protocol, segmenting the TCP route, and modifying the end-to-end protection mode of IPsec. It also presents their strengths and weaknesses.
基金supported by the national key research and development program under grant 2017YFB0802301Guangxi cloud computing and large data Collaborative Innovation Center Project
文摘IPsec has become an important supplement of IP to provide security protection. However, the heavyweight IPsec has a high transmission overhead and latency, and it cannot provide the address accountability. We propose the self-trustworthy and secure Internet protocol(T-IP) for authenticated and encrypted network layer communications. T-IP has the following advantages:(1) Self-Trustworthy IP address.(2) Low connection latency and transmission overhead.(3) Reserving the important merit of IP to be stateless.(4) Compatible with the existing TCP/IP architecture. We theoretically prove the security of our shared secret key in T-IP and the resistance to the known session key attack of our security-enhanced shared secret key calculation. Moreover, we analyse the possibility of the application of T-IP, including its resilience against the man-in-the-middle attack and Do S attack. The evaluation shows that T-IP has a much lower transmission overhead and connection latency compared with IPsec.
