IPSec: Performance Analysis and Enhancements
Internet Protocol Security (IPSec) is a widely deployed mechanism for implementing Virtual Private Networks (VPNs). In previous work, the authors examined the overheads incurred by an IPSec server in a single client setting. In this paper, they extend that work by examining the scaling of a VPN server in a multiple client environment and by evaluating the effectiveness of connection credential caching. Motivated by the potential benefits of caching, they also propose a cryptographically secure cache resumption protocol for IPSec connections to reduce the connection establishment overheads.