In communications between a client and a server, it is often beneficial to provide increased security. One mechanism for providing increased security is through the use of the Secure Socket Layer (SSL) protocol which uses a hybrid public-key system in which public-key cryptography is used to allow a client and a server to securely agree on a secret session key.
FIG. 1 illustrates a conventional SSL connection between a client 100 and a server 102. As seen in FIG. 1, the client 100 communicates directly with the server 102 utilizing the SSL connection 106. It is to be understood that the SSL protocol connection 106 will typically be established through a plurality of bridge/router devices.
The SSL protocol may provide privacy and integrity between two communicating applications. The SSL protocol typically utilizes two layers, the lowest layer of which is the SSL Record Protocol, which is layered on top of a communications protocol such as the transmission control protocol/Internet protocol (TCP/IP). The SSL Record Protocol encapsulates higher level protocols such as the SSL Handshake Protocol. The SSL Handshake Protocol generally allows the server and client to authenticate each other and to establish an encryption method and keys. The SSL protocol is further described in U.S. Pat. No. 5,657,390 entitled “Secure Socket Layer Application Program Apparatus and Method” which is incorporated herein by reference as if set forth in its entirety.
One advantage of SSL is that it is application protocol independent. A higher level protocol can layer on top of the SSL Protocol transparently. Thus, the SSL protocol provides connection security where encryption is used after an initial handshake to define a secret key for use during a session and where the communication partner's identity can be authenticated using, for example, a well known public certificate issuing authority. Examples of such well known certificate authorities include RSA Data Security, Inc., Verisign™ and EquiFax™.
SSL protocol encryption generally provides protection both against an unauthorized recipient accessing an encrypted message and against an unauthorized recipient secretly tampering with the contents of the message. Using SSL, a message containing a plurality of packets is encrypted. In addition, an encrypted message authentication code (MAC) is generated for each packet, which may be used to detect tampering with the data within that packet. The received MAC may be compared to a MAC calculated at the intended recipient based on the received packet. If the calculated and received MACs do not match, an error is detected which may indicate tampering with the packet.
One disadvantage of using SSL protocol communications in an Internet environment is that the SSL protocol itself is typically the bottleneck for secure Internet servers, like hypertext transfer protocol (HTTP) servers. The latency of the SSL protocol typically comes in three phases, including the extra network traffic, the use of RSA private key decryption for key exchange and the symmetric encryption of the bulk data to be transferred between the client and the server. The network overhead has been addressed previously by providing efficiencies in the SSL implementations as related to sockets. The RSA public/private key operations are addressed by various crypto-hardware products, such as the 4758 Cryptographic Adapter available from International Business Machines Corporation (IBM) of Armonk, N.Y. and the CryptoHighway RSA Accelerator, also available from IBM.
Symmetric encryption of the bulk data is generally not considered as severe a central processing unit (CPU) consumer as the RSA operations. Nonetheless, symmetric encryption typically consumes an increased amount of CPU resources as compared to clear text transmittal. Various crypto hardware accelerators contain circuitry for symmetric ciphers (data encryption standard (DES), 3DES, RC4), but the nature of the SSL protocol makes it difficult to obtain any advantage through the use of such crypto co-processors. The maximum size of the data payload generally specified for an SSL data packet is 16K bytes. In addition, higher level applications utilizing the SSL layer for secured transmissions may impose a smaller payload size. For example, the Domino Go Webserver (DGW) generally prefers the use of record sizes of 4K bytes. Crypto co-processors generally work most efficiently with large chunks of data. The SSL protocol, however, prohibits encrypting more than a maximum record size of the data at a time, generally 16K bytes, as each encrypted record contains a hash of the clear text data included in its payload. Furthermore, both the encryption key and the hash key are typically determined once per SSL connection and used across multiple packets.
SSL-based protocols, such as SSL and Transport Layer Security (TLS), typically provide a message authentication code for each data record (or packet) to make it easier to stream data through network connections. However, these protocols were generally not designed with the efficient use of crypto-hardware as a consideration, nor for the graphics-intensive web pages that are popular with various e-business and other Internet ventures. Furthermore, the challenge of providing large sets of mundane or repetitive data through encryption has generally not been addressed by methods other than the use of crypto-hardware, such as described above, in an attempt to accelerate the existing protocols. Approaches outside of the protocols, such as cryptolopes and secure datagrams, have been attempted but, because such approaches did not fit well with existing defined web infrastructures, they are limited in their potential to fully address the problem without disruption. Thus, approaches which facilitate encrypted communication of large quantities of data records in the web environment in a manner which is consistent with the existing framework of such an environment would be desirable.
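The per-record MAC check described above and the 16K-byte record limit are illustrated by the following simplified record layer. This is an added example, not code from the patent or from any SSL implementation: the cipher is an HMAC-SHA256 keystream XOR used as a stand-in for RC4/DES, the 32-byte keys, 8-byte sequence number and 2-byte length field are assumptions, and the MAC-then-encrypt order and the 16384-byte fragment cap follow the SSL record protocol.

```python
import hmac
import hashlib

MAX_RECORD = 16384  # SSL caps a record's plaintext payload at 16K bytes
MAC_LEN = 32        # HMAC-SHA256 output length (assumed MAC size)


def keystream(enc_key, seq, length):
    """Stand-in stream cipher: HMAC-SHA256 counter-mode keystream (not a real SSL cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = seq.to_bytes(8, "big") + counter.to_bytes(4, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def record_mac(mac_key, seq, fragment):
    """MAC over the clear text of one record, bound to its sequence number and length."""
    header = seq.to_bytes(8, "big") + len(fragment).to_bytes(2, "big")
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


def seal(enc_key, mac_key, data, record_size=MAX_RECORD):
    """Fragment data into records, MAC each fragment, then encrypt fragment||MAC per record.
    The keys are fixed for the whole connection; only the sequence number changes per record."""
    if not 0 < record_size <= MAX_RECORD:
        raise ValueError("record size must be between 1 and 16K bytes")
    records = []
    for seq, offset in enumerate(range(0, len(data), record_size)):
        fragment = data[offset:offset + record_size]
        plain = fragment + record_mac(mac_key, seq, fragment)
        ks = keystream(enc_key, seq, len(plain))
        records.append(bytes(a ^ b for a, b in zip(plain, ks)))
    return records


def open_records(enc_key, mac_key, records):
    """Decrypt each record, recompute its MAC and compare with the received one.
    A mismatch on any record aborts with ValueError, as a tampered packet would be rejected."""
    out = b""
    for seq, rec in enumerate(records):
        ks = keystream(enc_key, seq, len(rec))
        plain = bytes(a ^ b for a, b in zip(rec, ks))
        fragment, received = plain[:-MAC_LEN], plain[-MAC_LEN:]
        if not hmac.compare_digest(received, record_mac(mac_key, seq, fragment)):
            raise ValueError(f"MAC mismatch on record {seq}: possible tampering")
        out += fragment
    return out
```

Because every record carries its own MAC and must be processed in sequence, a 40K-byte payload becomes three separately encrypted units at the 16K limit and ten units at the 4K size preferred by DGW, which is why a co-processor cannot be handed the whole payload at once.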