Skip to Main Content
Achieving improved TCP performance together with ensuring end-to-end security necessitates the co-existence of security mechanisms like IPSEC and performance enhancing solutions. However, IP security and TCP performance have been traditionally dealt with in a mutually exclusive manner. We propose an innovative mechanism, secure performance enhancing proxy (SPEP) to address the seemingly arduous problem of enhancing TCP performance over wireless networks, preserving end-to-end TCP semantics as well as ensuring end-to-end security. The proposed SPEP scheme decouples loss detection and loss distinction mechanism from loss recovery mechanism which not only facilitates in performance improvement but also offers multifarious advantages discussed in the paper. We have implemented the proposed scheme in FreeBSD 4.5 and conducted experiments in a controlled test bed setup. Our results show improved TCP performance in a secured environment with introduction of minimal overhead.