Procedia Computer Science 135 (2018) 259â266 ... and peer-review under responsibility of the 3rd International Conference on Computer Science and Computational ... Nico Surantha et al / Procedia Computer Science 00 (2018) 000â000.
Available online at www.sciencedirect.com Available online at www.sciencedirect.com
ScienceDirect ScienceDirect
Procedia Computer Science 00 (2018) 000–000 Available online at www.sciencedirect.com Procedia Computer Science 00 (2018) 000–000
ScienceDirect
www.elsevier.com/locate/procedia www.elsevier.com/locate/procedia
Procedia Computer Science 135 (2018) 259–266
3rd International Conference on Computer Science and Computational Intelligence 2018 3rd International Conference on Computer Science and Computational Intelligence 2018
Secure Portable Virtual Private Network with Rabbit Stream Cipher Secure Portable Virtual Private Network with Rabbit Stream Cipher Algorithm Algorithm a,b a,b
Nico Suranthaaa, Rinobb Nico Surantha , Rino
Computer Science Department, BINUS Graduate Program – Master of Computer Science, Bina NusantaraBINUS University, Jakarta, Indonesia, 11480 Computer Science Department, Graduate Program – Master of Computer Science, Bina Nusantara University, Jakarta, Indonesia, 11480
Abstract Abstract Employee mobility is an important issue for companies that have a goal to become global company. The company often asks the Employee is anassignments important issue for companies that have a goal to become global company. company often asks the employees mobility to do some outside the office area, either inside or outside of their home The country. A portable virtual private network is a device outside that enables the employees perform remoteofaccess connection to A internal computer employees to do (VPN) some assignments the office area, either to inside or outside their home country. portable virtual private network (VPN)Therefore, is a device enablescan thestill employees perform remote inaccess connection to internal resources via internet. thethat employee work on totheir assignments company server while doingcomputer business resources internet. still work their assignments in company server while travelling. via In this paper,Therefore, the secure the and employee low powercan portable VPN on prototype is being proposed. The prototype of thedoing VPN business portable gateway device built the using OpenVPN-R core applications that are modified from OpenVPN 2.3.10 travelling. In thisispaper, secure and low power portable VPN prototype is being proposed. The version prototype of thewith VPNOpenSSL portable gateway deviceItisisbuilt using OpenVPN-R core applications areRaspberry modified Pi from OpenVPN version 2.3.10 with OpenSSL version 1.0.2h. implemented into a single board computer that (SBC) 3 Model B +. The modification performed in version 1.0.2h. It isinclusion implemented into stream a singlecipher boardalgorithm computer to (SBC) Raspberry Model B +. Theoptions modification in this system is the of Rabbit OpenSSL as onePiof3 the alternative of TLSperformed ciphersuites on OpenVPN. The prototype portablestream VPNcipher gateway device togenerated thisofresearch has Rabbit ciphersuites, platform this system is the inclusion of Rabbit algorithm OpenSSLfrom as one the alternative options of TLS ciphersuites on OpenVPN.and The gateway device generated results from this research Rabbit prototype ciphersuites, independent, hasprototype additionalportable featuresVPN inbuilt firewall. The simulation show that thehas proposed can platform perform independent, and has On additional features firewall.Rabbit The simulation resultsalgorithm show thatshows the proposed prototype can perform secure data transfer. the other hand inbuilt the proposed stream cipher better performance than other algorithm in transfer. terms of data transfer CPU memory usage which leads to smaller power performance consumption.than other secure data On the otherrate, hand theutilization, proposed and Rabbit stream cipher algorithm shows better algorithm in terms of data transfer rate, CPU utilization, and memory usage which leads to smaller power consumption. © 2018 The Authors. Published by Elsevier Ltd. © 2018 2018 The Authors. Published by Elsevier Elsevier Ltd. This is an open accessPublished article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/) © The Authors. by Ltd. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/) This is an and openpeer-review access article under the CC BY-NC-ND (https://creativecommons.org/licenses/by-nc-nd/4.0/) Selection under responsibility of the 3rdlicense International Conference on Computer Science and Computational Selection and peer-review under responsibility of the 3rd International Conference on Computer Science and Computational Selection and2018. peer-review under responsibility of the 3rd International Conference on Computer Science and Computational Intelligence Intelligence 2018. Intelligence 2018. Keywords: Portable VPN; hardware-based VPN; rabbit algorithm; Open VPN-R; Raspberry Pi 3; VPN-SSL Keywords: Portable VPN; hardware-based VPN; rabbit algorithm; Open VPN-R; Raspberry Pi 3; VPN-SSL
1. Introduction 1. Introduction Employee mobility become one of main requirement of corporate nowadays. The employees often get business mobility becomebranch one oformain requirement corporate nowadays. employees oftenofget business tripEmployee assignment to company client company of which are located eitherThe inside or outside their home trip assignment to company branch or client network companyin which are located eitheritsinside outsidelocated of their country. A company can connect a computer the central office with branchoroffices far home apart country. company connect a computer network in the central office its branch offices locatedHowever, far apart from the A internet, but can it also can provide authority to employees to access thewith company's internal network. from the internet, but it also can provide authority to employees to access the company's internal network. However, 1877-0509 © 2018 The Authors. Published by Elsevier Ltd. This is an open access under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/) 1877-0509 © 2018 Thearticle Authors. Published by Elsevier Ltd. Selection under responsibility of the 3rdlicense International Conference on Computer Science and Computational Intelligence 2018. This is an and openpeer-review access article under the CC BY-NC-ND (https://creativecommons.org/licenses/by-nc-nd/4.0/) Selection and peer-review under responsibility of the 3rd International Conference on Computer Science and Computational Intelligence 2018. 1877-0509 © 2018 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0/) Selection and peer-review under responsibility of the 3rd International Conference on Computer Science and Computational Intelligence 2018. 10.1016/j.procs.2018.08.173
260 2
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266 Nico Surantha et al / Procedia Computer Science 00 (2018) 000–000
when transmitting information through the internet, there are potential vulnerabilities, i.e. eavesdropping, monitoring, modification or alteration of information by unauthorized parties 1. The solution that can be used to overcome such vulnerability is by using virtual private network (VPN). A company prefers to use a VPN rather than having to use a leased line or a provider's dedicated path. Besides being more cost-effective, the VPN also provides security features, e.g. encryption and authentication 2. VPN tunnel is formed to protect the communication between the entities in the system. OpenVPN is one of the most popular open source VPN platform developed by James Yonan in the year 2002 and until now still continue to be developed by a community of developers from around the world 3. In terms of the support platform, OpenVPN can already be used in many platforms, e.g. Linux-based operating system, Debian, BSD, Microsoft Windows, Mac OS X and Solaris 4. There are two kinds of VPN implementation, i.e. software based VPN and hardware based VPN 5. The software based VPN is the most common VPN implementation. It can be installed on top of the operating system, therefore user can perform remote access through their laptop. The weakness of this type of VPN implementation is it consumes the memory or CPU resources of user PC during the remote access. Therefore, the performance of user PC can be slower during the remote access operation. On the other hand, in the hardware based VPN, the separate hardware is used for remote access operation. Hardware-based VPN has a few advantages. Firstly, it can be used in different operating systems PC user (platform independent). Secondly, it is more reliable because it is built on separate hardware from the user PC. Thirdly, it also has additional features like the inbuilt firewall and internet routing 6. Recently, raspberry pi emerged as a low-power PC solution for every applications. Some research have been conducted to develop hardware based VPN on raspberry Pi7,8. In this research, the author proposes the hardware prototype of VPN gateway that works on layer 4 OSI model (SSL VPN) 9. SSL VPN is selected because of flexibility factor or ease of configuration, compatibility with network address translation (NAT), and no trouble with rules 4. The hardware used in the proposed system is SBC Raspberry Pi 3 Model B + with core applications that are modified with OpenVPN. On the top of OpenVPN, Rabbit stream ciphers algorithm is implemented as an alternative option of TLS ciphersuites. The Rabbit stream ciphers algorithm is selected due to its cryptographic strength and simple operations 10. This algorithm has also been standardized by IETF RFC 4503. From the results of testing and analysis, this algorithm is proved to be a strong cryptographic and resistant crypt analitic methods 11 .This paper is organized as followed. In section 2, the prototype design and system implementation is explained. The simulation results are discussed in section 3. Finally, the summary of findings in this paper is concluded in section 4. . 2. Research Methodology The research consists of several steps. Firstly, we identify there is a problem with traditional software based VPN as described in the introduction. Secondly, we perform literature review to find the state of art of the VPN technology development, either the software based and hardware based solution.. Thirdly, we make a design requirement and plan about the hardware and software design. Finally, we perform the evaluation of the designed prototype. In the rest of this paper, the design process and evaluation of the prototype is discussed. 2.1. Design requirement The prototype is designed to support the business travelling employees to perform remote access to the internal company network. We name the prototype as AR-6000. Figure 1 shows the usage scenario of AR-6000. From the Fig. 1, it can be seen that there are two main entities on a zone system AR-6000, which are: • Traveler user zone : It is the zone where a business traveler who performs user remote access is located. The required devices in this zone are a PC or laptop, the AR-6000, and WLAN access point. • Internal resources zone: It is the location of internal resources network where company servers and computers are located.
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266� Nico Surantha/ Procedia Computer Science 00 (2018) 000–000
261 3
The user brings along the AR-6000 with his laptop during the business trip. AR-6000 acts as a VPN client. In case, he wants to access the internal network, AR-6000 will form a tunnel to VPN server. It applies SSL VPN for secure transaction data from and to internal resources through the internet network. Then, the user can access the internal company network remotely to continue their work on server. There are some reasons why we make the VPN client into separate hardware. This prototype is designed to fulfill following requirement • The prototype is required to be user friendly, which means it can be used easily by any user without the needs to perform configuration every time they want to use it. • The prototype is required to work on all platforms. It means the prototype can be used with all type of client operating system (OS) with the aid of internet connection. • In case the device needs reconfiguration, we can configure it by connecting to the device via secure shell connection (SSH). • It is required that the device is capable to secure data transmission from VPN client to VPN server. Every time the user performs remote access to internal resources, AR-6000 receives a request from a user's PC through an Ethernet port which is connected through the UTP cable crossover, then forward those requests to the VPN server relays the intended recipients via the interface Wi-Fi, Wi-Fi interface connected to a WLAN access point. In General, AR-6000 serves to bridge the communication between the PC user with an outside network, whether for accessing the internet or remote access to internal resources.
Figure 1 Portable VPN usage scenario (AR-6000)
Figure 2 Hardware Design of AR-6000
2.2. Hardware Design Based on design requirement described in previous sub-section, few hardware are required for implementation in traveller user zone and internal resources zone as shown by Fig. 2. In traveller user zone, the user PC/laptop and AR-6000 are operated. AR-6000 consists of SBC Raspberry Pi 3 Model B+ as microcontroller module, LCD module for display, and USB Wi-Fi module as communication media. The microcontroller organizes all functions of AR-6000 protoype, e.g. managing communication with user PC, routing, IP forwarding, IP masquerading, etc. OpenVPN-R is installed as core applications in microcontroller. The LCD module is used to display information such as IP Ethernet port of AR-6000 and to run the application by touch screen module. In order to connect to internet, AR-6000 is equipped with Wi-Fi module as a communication media to nearest WLAN access point. User PC performs access request to VPN relay server through the AR-6000. User PC is also capable to configure AR6000 via SSH connection. On the other hand, in internal resource zone, there are 3 components, i.e. VPN relay server, internal database, and internal web server. VPN relay server is a PC that used as remote access target of user. It receives and organizes remote access request from AR-6000. Open VPN-R is also installed on VPN relay server in order to create VPN tunnel to AR-6000 with Rabbit ciphersuites. The detail specification of AR-6000 hardware is defined in table 1.
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266 Nico Surantha et al / Procedia Computer Science 00 (2018) 000–000
262 4
Table 1 Hardware Specification of AR-6000 No
Component
Specification
1
microcontroller
SBC Raspberrry Pi type 3 model B+
2
display module
3.5 inch LCD module
3
Storage
Micro SD card Sandisk 8GB class 10
4
Power cable
USB to micro USB
5
User PC to AR 6000 connection media
UTP crossover cable
6
AR-6000 to VPN server connection media
USB WiFi dongle
2.3. Software Design In this section, we discuss about the software design for the portable VPN prototype. The software package is a modification of OpenVPN. It is named as Open VPN +R. This software operates at SBC Raspberry Pi Model B+ as core VPN applications. The fundamental difference between OpenVPN +R with the original OpenVPN is the inclusion of Rabbit ciphersuites as an alternative option of TLS ciphersuites to protect transaction data path or channel. OpenVPN uses OpenSSL for cryptographic algorithms and supplying the TLS ciphersuites. Therefore, to add the Rabbit ciphersuites on OpenVPN-R implementation of algorithms to do stream ciphers Rabbit on OpenSSL and modify the OpenVPN so that can recognize the stream cipher algorithm that is implemented in OpenSSL Rabbit. To perform the implementation, it is necessary to design a new TLS ciphersuites which is a combination of several cryptographic algorithms with the Rabbit stream cipher algorithm as a data encryption algorithm (bulk encryption algorithm). The combination of cryptographic algorithms is composed of server authentication algorithms, key exchange algorithms, data encryption algorithms and message digest algorithms. The new TLS ciphersuites made in this study refer to the TLSv1.2 protocol standard (RFC 5246) as defined by table 2. Table 2 Protocol Ciphersuite Rabbit in Open VPN-R Ciphersuites Rabbit TLS_RSA_WITH_RABBIT_SHA TLS_DHE_DSS_WITH_RABBIT_SHA TLS_DHE_RSA_WITH_RABBIT_SHA
Authentication RSA DSS RSA
Key Change RSA DSS RSA
Encryption RABBIT RABBIT RABBIT
Message Digest SHA SHA SHA
In this research, the author uses OpenSSL version 1.0.2h which is claimed to have successfully closed the heart bleed security gap. In general, the implementation of the modification of source code will be done in both OpenSSL libraries, i.e. the cryptography library and the SSL library. Additions in the cryptography library are required because in this library all cryptographic functions are stored, including the Rabbit stream cipher algorithm that will be implemented. As for the SSL library focused on the addition of new ciphersuites, resulting SSL implementation that supports the use of Rabbit stream cipher algorithm. It also needs to be modified on some compilation scripts so that the source code of the implemented Rabbit stream cipher algorithm can be integrated with OpenSSL. The result of this implementation stage is OpenSSL version 1.0.2h which has loaded Rabbit stream cipher algorithm as one of alternative choice of encryption algorithm, both encoding on TLS ciphersuites and manual encoding through OpenSSL console application. After the implementation of the Rabbit stream cipher algorithm is complete, the next will be modified and recompiled on OpenVPN to recognize Rabbit stream cipher algorithm implemented in OpenSSL. OpenVPN used in this research is OpenVPN version 2.3.10. Once the modifications to OpenVPN are completed, then the result is OpenVPN version 2.3.10 which can already recognize Rabbit stream cipher algorithm. The OpenVPN version is referred to as OpenVPN-R which will be used as the core application of AR-6000 devices.
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266� Nico Surantha/ Procedia Computer Science 00 (2018) 000–000
263 5
2.4. Rabbit Stream Cipher Algorithm Rabbit algorithm is a stream cipher algorithm that uses secret key with 128-bit and 64-bit IV as input. The result of its internal state combination produces output in the form of a series of semi-random bit (pseudorandom bit) with 128-bit length per block. The encryption / decryption process is performed by XOR-ing the semi-random bit sequence with plaintext / ciphertext. Its internal state consists of 513 bits. The state is divided into eight 32-bit state variables, eight 32-bit counters and one carry bit counter. The eight state variables are updated by the non-linear functions of each pair of state variables 12. Rabbit algorithms are designed to be efficient in software implementation and enable a 128-bit key size to encrypt up to 264 plaintext blocks. This means that in order to perform an attack without knowing the key sequence, the attacker must determine up to 264 ciphertext output blocks or perform an exhaustive key search of 264 key combinations. 2.5. System Implementation In this section, we discuss about installation of the AR-6000 device to Personal Computer (PC). The micro USB port of the device is connected to the PC's USB port and the ethernet port (eth0) of the device is connected to the PC ethernet port as shown by Fig. 3. When the device receives a 5V of voltage supply from PC, the device can boot automatically. After booting up perfectly, the device will display the information as its date, time and IP address as shown by Fig. 4.
Figure 3 Installation of AR-6000 device
Figure 4 Interface of AR-6000 Device
3. Simulation Results and Discussion 3.1. Security Evaluation of AR-6000 Device Firstly, we evaluate the security aspects of the device using network monitoring. In this case, the evaluation is performed by comparing remote access via wlan0 interface and tun0 interface of AR-6000 device. The remote access via wlan0 is performed without the Rabbit cipher suites, while the remote access via tun0 is protected by Rabbit ciphersuites. The purpose of this test is to validate if the transmitted data packets from AR-6000 that contain sensitive information such as username, password, session or other critical information can be safely transmitted. Fig. 5 illustrates the evaluation scenario. The application used for monitoring on network systems AR-6000 devices is wireshark. To implement this testing, the user will make a remote access to the database server, then enter the username and password parameters to gain access into the database. Firstly, we perform remote connection via wlan0 interface and monitor through wireshark application. As shown by Fig. 6, the transmitted data are not encapsulated. Therefore, attacker can directly recognize the username and password. Fig. 6 shows that the protocol used is HTTP with POST method. It also shows that the username used to access the database is "root" and the password used is "admin". Then, we perform same remote connection via tun0 interface and monitor through wireshark application. Users who use the tun0 interface AR-6000 device for remote
264 6
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266 Nico Surantha et al / Procedia Computer Science 00 (2018) 000–000
access to their encapsulated protocol database server and does not recognize the username and password. Fig. 7 shows that the protocol used is OpenVPN and data packets transmitted in encrypted state, which means the protocol is safely encapsulated. This result proves that AR-6000 device can provide security guarantee of remote access by a traveler user.
Figure 5 Security Evaluation Scenarios
Figure 6 Monitoring Results on wlan0 Interface
Figure 7 Monitoring Result on tun0 Interface
3.2. Stream Cipher Performance Comparison on AR-6000 Device In this simulation, we evaluate the performance of Rabbit stream cipher algorithm in terms of data transfer rate, memory consumption, and CPU utilization. The purpose of this simulation is to justify the selection of Rabbit stream cipher algorithm for the AR-6000 prototype ahead of other algorithms. We compare the performance of Rabbit algorithm to the other conventional algorithms, e.g. AES-256, Triple DES (3DES), CAMELIA 256, and SEED. In order to this simulation, we used two applications, i.e. file transfer protocol (FTP) and HTOP. The FTP we use as data generator, to simulate the data transfer between AR-6000 and VPN server as shown by Fig. 8. This test is performed with the aim of benchmarking or comparison of data transfer rates of Rabbit ciphersuites on OpenVPN-R with ciphersuites of OpenVPN algorithms, including AES-256, Triple DES (3DES), Camellia-256, and Seed ciphersuites. All of the selected ciphersuites have the same authentication, key exchange, and message digest algorithms. It aims to pinpoint the specification of the ciphersuites of each algorithm. Data transfer will be
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266� Nico Surantha/ Procedia Computer Science 00 (2018) 000–000
265 7
performed by using FTP through VPN tunnel formed by AR-6000 device with VPN relay server. One algorithm will be used to transfer data with variants of size 1 MB, 5 MB, 10 MB, 50 MB, and 100 MB. In order to perform data transfer to FTP server, the Filezilla FTP client application has been installed on the client PC.
Figure 8 Stream Cipher Performance Testing Scenario
Figure 9 Transfer Rate Performance using Different Stream Ciphers
Firstly, we measure the data transfer speed. From each ciphersuites the data displayed is the average speed of thirty times the experiment with the same file size. Fig. 9 shows each ciphersuites performance test results for data transfer between entities. As expected, It can be seen that the size of the data greatly affect the time required for data transfer process. The larger the size of the data, the longer it takes to process the data transfer. The time required for the data transfer process is directly proportional to the size of the data. If the size of the data is ten times larger than the size of Time (second) other data, then the average time required to complete the data transfer will also increase ten times greater. From these data it can be seen that Rabbit's ciphersuites have relatively better performance to transfer data from 5 predefined file sizes (1 MB, 5 MB, 10 MB, 50 MB, 100 MB). For small data size, i.e. 1 MB, 5 MB, and 10 MB, the difference of transfer data rate between Rabbit algorithms and other algorithms is not significant. However, for bigger data size, i.e. 50 MB and 100 MB, the difference of transfer data rate between Rabbit Algorithm and other algorithms reach 8 seconds and 13 seconds, respectively. It also can be seen that the data transfer performance difference is more significant for bigger file size. It may happens because the Rabbit Algorithm is a 128 bit Stream Cipher algorithm and also has an uncomplicated computation. Secondly, we perform memory consumption testing for each ciphersuites. The evaluation is performed by using a htop applications installed on the AR-6000 device to measure memory consumption of application on user PC. We perform data transmission with five data sizes that have been used when testing the Performance TLS Ciphersuites In this case there are two indicators that can be used to measure the use of memory in a process, i.e. virtual memory size (VSZ) and resident set size (RSS). VSZ shows how much memory is allocated to a process, while RSS shows how much memory is being used by the running process. To find out how much OpenVPN-R algorithm uses memory, this research uses RSS indicator. Fig. 10 shows the memory usage of AR-6000. From the graph above shows that ciphersuite Rabbit is the least in memory consumption on AR-6000 devices. It is noted that Rabbit algorithm consumes 212 KB less of memory compared to AES-256 and Camelia-256 which consume most memory allocation among the evaluated algorithms. It occue due to the lesser complexity of encryption process on the Rabbit algorithm compared to other algorithms, which in this case are AES256, 3DES, Camellia and Seed. Other than that, it happens because Rabbit algorithm does not use S-box or operation on GF (2n). Therefore it is not required look up table, so the required memory space both in the implementation of hardware and software is very small 13. Thirdly, we measure the CPU utilization of each ciphersuites. Evaluation at this stage are performed using htop applications installed on AR-6000 devices. This test is almost the same as the memory consumption testing, which is data transmission with five data variables that have been used. In this case there are two indicators that can be used to measure CPU utilization in a process, the indicator used is to see the load average and percentage CPU Utilization. From the indicator shows how much CPU is used for a running process. Here is a graph of CPU usage of AR-6000. Fig. 11 shows that ciphersuites Rabbit is the least in CPU utilization on AR-6000 devices. The
Nico Surantha et al. / Procedia Computer Science 135 (2018) 259–266 Nico Surantha et al / Procedia Computer Science 00 (2018) 000–000
266 8
difference of CPU utilization is in average 1%. May in this case have a same reason with the memory consumption, which is the encryption process (mathematical calculations) on the Rabbit algorithm is simpler than other algorithms.
Figure 10 Memory Consumption Evaluation
Figure 11 CPU Utilization Evaluation
4. Conclusion In this paper, the prototype of portable VPN has been presented. The prototype is built on Raspberry pi-3 using Open VPN. The novelty of the portable VPN is the inclusion of Rabbit cipher suites on Open VPN. The simulation results show that the designed prototype can encapsulate the important and sensitive data exchanged by VPN client and VPN server. In this paper, we also evaluate the performance of Rabbit ciphersuites in terms of data transfer speed, memory consumption, and CPU utilization. The evaluation is performed to justify the selection of Rabbit algorithms ahead of other algorithms, i.e. AES-256, Triple DES (3DES), CAMELIA 256, and SEED. The simulation results show that the Rabbit algorithm achieves highest data rate, lowest memory consumption, and lowest CPU utilization among all the evaluated algorithms. This results mean that the rabbit algorithm is the most appropriate ciphersuites to be implemented in embedded system which has low power requirement. References 1.
Choffnes D. A case for personal virtual networks. In: Proceedings of the 15th ACM Workshop on Hot Topics in Networks. 2016. p. 8– 14.
2.
Alshalan A, Pisharody S, Huang D. A survey of mobile VPN technologies. IEEE Commun Surv Tutorials. 2016;18(2):1177–96.
3.
Matotek D, Turnbull J, Lieverdink P. Networking with VPNs. In: Pro Linux System Administration. Springer; 2017. p. 701–31.
4.
Henmi A, Lucas M, Singh A, Cantrell C. Firewall Policies and VPN Configuration. Network. Elsevier; 2006. 512 p.
5.
Turan F, De Clercq R, Maene P, Reparaz O, Verbauwhede I. Hardware Acceleration of a Software-based VPN. In: Field Programmable Logic and Applications (FPL), 2016 26th International Conference on. 2016. p. 1–9.
6.
Khurana S. Performance Evaluation of Dynamic Routing Protocols using Firewall and VPN_Firewall under Cloud Computing. Int J Comput Appl. 2014;90(10).
7.
Childers B. Securi-pi: Using the Raspberry Pi As a Secure Landing Point. Linux J [Internet]. 2015;2015(258):1. Available from: http://dl.acm.org/citation.cfm?id=2846068.2846069
8.
Caldas-Calle L, Jara J, Huerta M, Gallegos P. QoS evaluation of VPN in a Raspberry Pi devices over wireless network. In: Devices, Circuits and Systems (ICCDCS), 2017 International Caribbean Conference on. 2017. p. 125–8.
9.
Park P, Ryu H, Hong G, Yoo S, Park J, Ryou J. A Service Protection mechanism Using VPN GW Hiding Techniques. In: Information Science and Applications. Springer; 2015. p. 1053–62.
10.
Vidal G, Baptista MS, Mancini H. A fast and light stream cipher for smartphones. Eur Phys J Spec Top. 2014;223(8):1601–10.
11.
Boesgaard M, Pedersen T, Vesterager M, Zenner E. The Rabbit Stream Cipher-Design and Security Analysis. IACR Cryptol ePrint Arch. 2004;2004:291.
12.
Boesgaard M, Vesterager M, Zenner E. The Rabbit stream cipher. In: New stream cipher designs. Springer; 2008. p. 69–83.
13.
Akhyar F, Nasution SM, Purboyo TW. Rabbit algorithm for Video on Demand. In: Wireless and Mobile (APWiMob), 2015 IEEE Asia Pacific Conference on. 2015. p. 208–13.
