Many networking applications require secure and authenticated communications. SSL and its related protocols are often used to enable secure communications between a client and a server. One drawback of SSL is that the encryption and cryptographic processing involved in an SSL connection may require significant computing resources, slowing down client access. Both SSL handshakes and SSL record transmission involve significant cryptographic operations. One solution to this problem is to offload the task of SSL processing to a network appliance, which may sit in front of a server on a network and handle SSL connection requests. The appliance may then transmit data received via the SSL communications to the server either via a nonsecure channel or via a single SSL connection using connection pooling techniques.
However, this solution may not be adequate for all networks. Computing SSL handshake messages may be a processor intensive task, and thus reduce the number of appliance processor cycles available for other tasks, such as servicing other connections, load balancing, and caching. Although some appliances may offload some cryptographic functions to specially designed cryptographic processing chips or cards, this approach also has drawbacks. For example, an appliance may not be able to utilize the full bandwidth of such a card. Or, for example, using such a card may introduce additional sources of delay. Thus there exists a need for systems and methods which accelerate and improve the processing of encrypted data on a network appliance.