Title :
A New VPN Solution Based on Asymmetrical SSL Tunnels
Author :
Zhou, Jingli ; Xia, Hongtao ; Wang, Xiaofeng ; Yu, Jifeng
Author_Institution :
Sch. of Comput. Sci. & Technol., Huazhong Univ. of Sci. & Technol., Wuhan
Abstract :
Conventional SSL tunnel of SSL-based virtual private network is symmetric, in which the data must be encrypted at one end and decrypted at the other end, or contrariwise for the reverse direction. Because all data flows of VPN are relayed by VPN server via SSL tunnels, those symmetric SSL tunnels cause a lot of computational load concentrated in VPN server, and make it the bottleneck of VPN. This paper proposes a cheap solution to eliminate that bottleneck for larger scale SSL VPNs: The VPN based on asymmetric SSL tunnels (AST). It is coupled with two algorithms: IP packet engrafting and UDP diffusing. In this solution, portion of computational load is distributed to disengaged internal application servers. Experiment shows that the overall throughput of VPN can be greatly improved by adopting AST solution
Keywords :
IP networks; telecommunication security; transport protocols; virtual private networks; IP packet engrafting; UDP diffusing; asymmetrical secure socket layer tunnels; virtual private network; Access protocols; Computer science; Cryptographic protocols; Cryptography; Local area networks; Network servers; Relays; Throughput; Virtual private networks; Web server;
Conference_Titel :
Frontier of Computer Science and Technology, 2006. FCST '06. Japan-China Joint Workshop on
Conference_Location :
Fukushima
Print_ISBN :
0-7695-2721-3
DOI :
10.1109/FCST.2006.4
