This application relates to the field of data networks, and to systems and methods of improving the performance of secure communications over data networks. For establishing secure communication across untrusted networks, a common approach is to use a protocol that uses both public-key cryptographic techniques and symmetric-key cryptographic techniques. Typically, public-key cryptography has better security properties but is more expensive computationally than symmetric-key cryptography. Thus, the two types of cryptography are combined by using public-key techniques to negotiate a symmetric cipher between two entities. The symmetric-key cipher is used for bulk data transfer between the entities. Secure Socket Layer (SSL) and Transport Layer Security (TLS) are widely-used examples of secure communication protocols that have this form, as is IPSec when security associations are negotiated using IKE's RSA-based mechanisms.
Secure communication protocols often add a computational cost to each secured connection. For server computers providing many simultaneous secure connections to client computers, the additional computational overhead imposed by secure communication protocols can be significant. To decrease the computational overhead of secure communication protocols for computers providing large numbers of secure connections, there are various devices that specialize in terminating secure connections. In general, these secure connection termination devices appear to client systems as a server providing a secure connection. The secure connection termination devices manage the cryptographic and other security related aspects of the connection, thereby relieving server systems providing services to client systems of the additional overhead imposed by the secure connection.
These secure connection termination devices are configured in much the same way as a server supporting secure communication protocols, including, for example, private keys, public keys, and security certificates. From a security perspective, secure connection termination devices are identical to servers and must be protected identically. If the security of a secure connection termination device is compromised, for example by the loss of the server private key, attackers would be able to set up a fake server that would be trusted by secure communication protocol client systems.
A transaction accelerator such as that described in McCanne I can offer performance improvement for operations across a wide-area network (WAN), but only when the data being communicated is either intelligible (i.e. the transaction accelerator can interpret at least parts of the protocol) or repeating (i.e. identical data crosses the network in identical format). The use of secure communication protocols frustrates transaction acceleration, because cryptography (by design) renders encrypted data unintelligible and non-repeating.
A similar observation applies to local caching: even if a secure communication protocol request asks for an object that is locally cached, it is impossible to tell from the network traffic going between client and server. Some caching systems have included the capability to locally terminate secure communication protocols by loading the server keys and certificates of associated server systems. However, many of these devices do not include protected storage for keys and certificates, instead relying on security-through-obscurity. Because of the risks involved and the cost and complexity of key management at multiple edge locations, these caching systems are rarely used to terminate secure connections outside of large data centers. Instead, such secure communication protocols caching has been used more as a variant of secure communication protocols termination, in reverse-proxy configurations near the servers.
It is therefore desirable for a transaction accelerator or network caching system to provide transaction acceleration or caching in conjunction with secure communication protocol terminations. It is further desirable for a transaction accelerator or network caching system to support secure communication protocol terminations without requiring the deployment and maintenance of server private keys to edge devices.