Abstract
The move to a pervasive computing environment, with the increasing use of laptops, netbooks, smartphones and tablets, means that we are more reliant on wireless networking and batteries for our daily computational needs. Specifically, this includes applications which have sensitive data that must be securely communicated over VPNs. However, the use of VPNs and mobile, wireless computing creates conflicting needs: VPNs traditionally assume a stable network connection, which is then secured; in contrast, wireless computing assumes a transitory network connection due to mobility or energy-saving protocols. In this work we study the ability to use traditional VPN protocols, specifically IPsec, in mobile environments while permitting for energy savings. Energy savings come from power-cycling the wireless radio when it is not in use.
More specifically, we develop a mathematical model for determining potential power savings on mobile devices when power-cycling the radio in IPsec use settings. Next, we perform performance measurements on IPsec session resumption protocols IKEv2 [1], MOBIKE [2], and IPsec Gateway Failover (IGF) [3] to provide data for our model. We apply the model to over 3000 wireless sessions, and determine the optimal power savings that could be achieved by power-cycling the radio while maintaining an IPsec connection. We show that there is a high-potential for energy savings in the best case. Finally, we develop an efficient and simple real-world online scheduling algorithm that achieves near optimal results for a majority of users.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Kaufman, C.: Internet Key Exchange (IKEv2) Protocol. RFC4306 (December 2005)
Eronen, P.: IKEv2 Mobility and Multihoming Protocol (MOBIKE). RFC4555
Sheffer, Y., Tschofenig, H., Dondeti, L., Narayanan, V.: IPsec Gateway Failover Protocol. draft-sheffer-ipsec-failover-04.txt (July 2008)
Palumbo, S., Dyer, N.: Maximizing Mobile Worker Productivity. Yankee Group Research, Inc. (January 2008)
Kent, S., Seo, K.: Security Architecture for the Internet Protocol. RFC4301 (2005)
Housley, R.: Using Advanced Encryption Standard (AES) CCM Mode with IPsec Encapsulating Security Payload (ESP). RFC4309 (December 2005)
Agarwal, Y., Schurgers, C., Gupta, R.: Dynamic power management using on demand paging for networked embedded systems. In: Asian and South Pacific Design Automation Conference, ASP-DAC (2005)
IEEE Computer Society: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications. IEEE Standard 802.11, 1999 Edition (1999)
Pering, T., Agarwal, Y., Gupta, R., Want, R.: CoolSpots: Reducing the Power Consumption of Wireless Mobile Devices with Multiple Radio Interfaces. In: ACM MobiSys (2006)
Anad, M., Nightingale, E.B., Flinn, J.: Self-Tuning Wireless Network Power Management. In: ACM MobiCom (2003)
Nedevschi, S., Chandrasheka, J., Liu, J., Nordman, B.: Skilled in the art of being idle: Reducing energy waste in networked systems. In: ACM/USENIX Symposium on Networked Systems Design & Implementation, NSDI (2009)
Shih, E., Bahl, P., Sinclair, M.J.: Wake on Wireless: An Event Driven Energy Saving Strategy for Battery Operated Devices. In: ACM MobiCom (2002)
Harkins, D., Carrel, D.: The Internet Key Exchange (IKE). RFC2409 (November 1998)
Huang, G., Beaulieu, S., Rochefort, D.: A Traffic-Based Method of Detecting Dead Internet Key Exchange (IKE) Peers. RFC3706 (February 2004)
Salowey, J., Zhou, H., Eronen, P., Tschofenig, H.: Transportation Layer Security (TLS) Session Resumption without Server-Side State. RFC4507 (May 2006)
Linux/ACPI project: Linux ACPI, http://www.lesswatts.org/projects/acpi
strongSwan project: strongSwan, http://www.strongswan.org/
Tegeler, F.: Security analysis, prototype implementation, and performance evaluation of a new IPSec session resumption method. Master’s thesis, University of Goettingen (2008)
Kivinen, T., Tschofenig, H.: Design of the IKEv2 Mobility and Multihoming Protocol (MOBIKE). RFC4621
Allard, F., Bonnin, J.M.: An application of the context transfer protocol: IPsec in a IPv6 mobility environment. Int’l. Journal of Communication Networks and Distributed Systems 1(1) (2008)
Loughney, J., Nakhjiri, M., Perkins, C., Koodli, R.: Context Transfer Protocol (CXTP). RFC4067 (July 2005)
Choi, H., Song, H., Cao, G., Porta, T.L.: Mobile multi-layered IPsec. In: IEEE Infocom (March 2005)
Zhang, Y., Singh, B.: A multi-layer IPsec protocol. In: USENIX Security Symposium (August 2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Shin, Y., Myers, S., Gupta, M. (2010). Saving Energy on WiFi with Required IPsec. In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-16161-2_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16160-5
Online ISBN: 978-3-642-16161-2
eBook Packages: Computer ScienceComputer Science (R0)