Vector packet encapsulation: the case for a scalable IPsec encryption protocol

Abstract

The IPsec protocol family, although not always undisputed, has shown to be extremely reliable over the last two decades. However, given the fact that communication networks evolved tremendously since ESP was standardized, this paper proposes changes to the security protocol to accommodate for the needs of modern wide area and data center networks. In particular it addresses optimizations for high-speed software implementations as well as use cases in data center networks. The evaluation shows that rather small yet targeted changes are sufficient to allow for more flexible and scalable implementations.