In networking environments that include devices or nodes coupled to a network, various methodologies are used to establish and maintain a secure network connection. These networks may include, but are not limited to, wired or wireless local area networks (LAN/WLAN), wide area networks (WAN/WWAN), metropolitan area networks (MAN), personal area networks (PAN) and cellular or wireless broadband telephony networks. One example methodology used on these types of networks to establish and maintain a secure network connection uses an industry standard that is based on Internet communication protocols. This industry standard is the Internet Engineering Task Force, Network Working Group, Request for Comments: 4301, Security Architecture for the Internet Protocol, published December 2005 (“the IPsec standard”).
An other related industry standard describes ways to encapsulate encrypted data exchanged between nodes on a secure network connection that is maintained according to the IPsec industry standard. This other industry standard is the Internet Engineering Task Force, Network Working Group, Request for Comments: 4303, IP Encapsulating Security Payload (ESP), published December 2005 (“the ESP standard”). Further, numerous cryptographic algorithms and modes to implement those cryptographic algorithms are part of a secure network connection when implementing IPsec and ESP. Cryptographic algorithms may include, but are not limited to, the Advanced Encryption Standard (AES), and the Triple Data Encryption Standard (3DES). Modes to implement AES or 3DES may include, but are not limited to Cipher Block Chaining (CBC) and Counter (CTR) modes.
Implementing IPsec and ESP to exchange data over a secure network typically requires an increasing amount of node resources as the rate that data is exchanged on a secure network connection increases. These node resources need to encrypt transmitted data and decrypt received data at ever increasing rates with ever increasing efficiency. The way the data is encrypted and decrypted likely varies based on the cryptographic algorithm and mode to implement the cryptographic algorithm. Typically, as part of a process described by the IPsec standard as an IPsec security association, nodes negotiate the cryptographic algorithm and mode and come to an agreement on which to use to exchange data. As mentioned above, this may include one of several different cryptographic algorithm and mode combinations.