| Summary: | 碩士 === 國立中山大學 === 資訊工程學系研究所 === 94 === In recent years, more and more embedded devices are connected to the Internet. Users of embedded devices could obtain necessary services or updates from the World Wide Web. The benefits of having embedded devices connected to the Internet are tremendous; however, the requirement of secure transmission may slow down the performance of the embedded device. For example, if users download files to their own embedded devices from the Internet, the packets must be encrypted/authenticated for secure transmission, and the cost to pay is to slow down the performance of the system. Thus, it is necessary to find ways that can provide a secure connection while at the same time not slowing down the performance of the system.
IPsec (Internet Protocol Security) is a standard for securing Internet Protocol (IP) communications by encrypting and/or authenticating all IP packets. Although IPsec is optional for IPv4, it is required for IPv6. However, IPsec is not wildly used on embedded systems compared to SSL/TLS.
In this thesis, we describe the details of how we port IPsec to a platform running embedded Linux which does not support IPsec. Openswan is an open source implementation of IPsec for the Linux operating system. We use Openswan to set up a Virtual Private Network (VPN) tunnel between a PC and the embedded system platform and use various
encryption/authentication algorithms and services provided by IPsec to do a performance analysis.
|
|---|
