Existing
work on security-enhanced data transmission includes the designs of
cryptography algorithms and system infrastructures and security-enhanced
routing methods. Their common objectives are often to defeat various threats
over the Internet, including eavesdropping, spoofing, session hijacking, etc.
Among many well-known designs for cryptography based systems, the IP Security
(IPSec) and the Secure Socket Layer (SSL) are popularly supported and
implemented in many systems and platforms. Although IPSec and SSL do greatly
improve the security level for data transmission, they unavoidably introduce
substantial overheads, especially on gateway/host performance and effective
network bandwidth. For example, the data transmission overhead is 5 cycles/byte
over an Intel Pentium II with the Linux IP stack alone, and the overhead
increases to 58 cycles/byte when Advanced Encryption Standard (AES) is adopted
for encryption/decryption for IPSec.