{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T00:13:40Z","timestamp":1768522420513,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":42,"publisher":"ACM","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,8,7]]},"DOI":"10.1145\/3735358.3735389","type":"proceedings-article","created":{"date-parts":[[2025,7,17]],"date-time":"2025-07-17T23:08:27Z","timestamp":1752793707000},"page":"142-149","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Designing Transport-Level Encryption for Datacenter Networks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4578-4211","authenticated-orcid":false,"given":"Tianyi","family":"Gao","sequence":"first","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1370-4608","authenticated-orcid":false,"given":"Xinshu","family":"Ma","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-5049-2261","authenticated-orcid":false,"given":"Suhas","family":"Narreddy","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0009-0002-1822-9519","authenticated-orcid":false,"given":"Eugenio","family":"Luo","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6408-3333","authenticated-orcid":false,"given":"Steven W. D.","family":"Chien","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1895-5318","authenticated-orcid":false,"given":"Michio","family":"Honda","sequence":"additional","affiliation":[{"name":"University of Edinburgh, Edinburgh, United Kingdom"}]}],"member":"320","published-online":{"date-parts":[[2025,8,6]]},"reference":[{"key":"e_1_3_3_2_2_2","unstructured":"[n. d.]. ([n. d.])."},{"key":"e_1_3_3_2_3_2","unstructured":"[n. d.]. Kernel Connection Multiplexer. https:\/\/www.kernel.org\/doc\/Documentation\/networking\/kcm.txt. ([n. d.])."},{"key":"e_1_3_3_2_4_2","unstructured":"[n. d.]. Kernel TLS offload. https:\/\/www.kernel.org\/doc\/html\/latest\/networking\/tls-offload.html. ([n. d.])."},{"key":"e_1_3_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/1851182.1851192"},{"key":"e_1_3_3_2_6_2","volume-title":"19th USENIX Security Symposium (USENIX Security 10)","author":"Bittau Andrea","year":"2010","unstructured":"Andrea Bittau, Michael Hamburg, Mark Handley, David Mazieres, and Dan Boneh. 2010. The Case for Ubiquitous Transport-Level Encryption. In 19th USENIX Security Symposium (USENIX Security 10)."},{"key":"e_1_3_3_2_7_2","unstructured":"Daniel Borkmann and John Fastabend. [n. d.]. Combining kTLS and BPF for Introspection and Policy Enforcement. Linux Plumbers Conference 2018. ([n. d.])."},{"key":"e_1_3_3_2_8_2","doi-asserted-by":"publisher","DOI":"10.1145\/3544216.3544230"},{"key":"e_1_3_3_2_9_2","volume-title":"A Stateless Transport Tunneling Protocol for Network Virtualization (STT)","author":"Davie Bruce","year":"2014","unstructured":"Bruce Davie and Jesse Gross. 2014. A Stateless Transport Tunneling Protocol for Network Virtualization (STT). Internet-Draft draft-davie-stt-05. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/draft-davie-stt\/05\/ Work in Progress."},{"key":"e_1_3_3_2_10_2","unstructured":"Nandita Dukkipati Neelesh Bansod Chen Zhao Yadong Li Jay Bhat Shiraz Saleem and Anjali\u00a0Singhai Jain. 2024. Falcon: A Reliable and Low Latency Hardware Transport. The Technical Conference on Linux Networking (Netdev 0x18) https:\/\/netdevconf.info\/0x18\/sessions\/talk\/introduction-to-falcon-reliable-transport.html. (2024)."},{"key":"e_1_3_3_2_11_2","unstructured":"John Fastabend. [n. d.]. Seamless transparent encryption with BPF and Cilium. Linux Plumbers Conference 2019. ([n. d.])."},{"key":"e_1_3_3_2_12_2","first-page":"1249","volume-title":"19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22)","author":"Gibson Dan","year":"2022","unstructured":"Dan Gibson, Hema Hariharan, Eric Lance, Moray McLaren, Behnam Montazeri, Arjun Singh, Stephen Wang, Hassan M.\u00a0G. Wassel, Zhehua Wu, Sunghwan Yoo, Raghuraman Balasubramanian, Prashant Chandra, Michael Cutforth, Peter Cuy, David Decotigny, Rakesh Gautam, Alex Iriza, Milo M.\u00a0K. Martin, Rick Roy, Zuowei Shen, Ming Tan, Ye Tang, Monica Wong-Chan, Joe Zbiciak, and Amin Vahdat. 2022. Aquila: A unified, low-latency fabric for datacenter networks. In 19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22). USENIX Association, Renton, WA, 1249\u20131266. https:\/\/www.usenix.org\/conference\/nsdi22\/presentation\/gibson"},{"key":"e_1_3_3_2_13_2","unstructured":"Google. 2022. Encryption in transit. https:\/\/cloud.google.com\/docs\/security\/encryption-in-transit. (2022)."},{"key":"e_1_3_3_2_14_2","series-title":"(OSDI\u201912)","first-page":"135","volume-title":"Proceedings of the 10th USENIX Conference on Operating Systems Design and Implementation","author":"Han Sangjin","year":"2012","unstructured":"Sangjin Han, Scott Marshall, Byung-Gon Chun, and Sylvia Ratnasamy. 2012. MegaPipe: A New Programming Interface for Scalable Network I\/O. In Proceedings of the 10th USENIX Conference on Operating Systems Design and Implementation(OSDI\u201912). USENIX Association, Berkeley, CA, USA, 135\u2013148. http:\/\/dl.acm.org\/citation.cfm?id=2387880.2387894"},{"key":"e_1_3_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1145\/3098822.3098825"},{"key":"e_1_3_3_2_16_2","first-page":"535","volume-title":"18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21)","author":"Hayakawa Yutaro","year":"2021","unstructured":"Yutaro Hayakawa, Michio Honda, Douglas Santry, and Lars Eggert. 2021. Prism: Proxies without the Pain. In 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21). USENIX Association, 535\u2013549. https:\/\/www.usenix.org\/conference\/nsdi21\/presentation\/hayakawa"},{"key":"e_1_3_3_2_17_2","unstructured":"Tom Herbert. 2016. Data center networking stack. The Technical Conference on Linux Networking (Netdev 1.2) https:\/\/legacy.netdevconf.info\/1.2\/session.html?tom-herbert\/. (2016)."},{"key":"e_1_3_3_2_18_2","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068834"},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"publisher","unstructured":"Jana Iyengar and Martin Thomson. 2021. QUIC: A UDP-Based Multiplexed and Secure Transport. RFC 9000. (May 2021). 10.17487\/RFC9000","DOI":"10.17487\/RFC9000"},{"key":"e_1_3_3_2_20_2","series-title":"(NSDI\u201914)","first-page":"489","volume-title":"Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation","author":"Jeong Eun\u00a0Young","year":"2014","unstructured":"Eun\u00a0Young Jeong, Shinae Woo, Muhammad Jamshed, Haewon Jeong, Sunghwan Ihm, Dongsu Han, and KyoungSoo Park. 2014. mTCP: A Highly Scalable User-level TCP Stack for Multicore Systems. In Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation(NSDI\u201914). USENIX Association, Berkeley, CA, USA, 489\u2013502. http:\/\/dl.acm.org\/citation.cfm?id=2616448.2616493"},{"key":"e_1_3_3_2_21_2","unstructured":"Xiaochun Lu and Zijian Zhang. 2023. Leveraging Homa: Enhancing Datacenter RPC Transport Protocols. The Technical Conference on Linux Networking (Netdev 0x17) https:\/\/netdevconf.info\/0x17\/docs\/netdev-0x17-paper36-talk-paper.pdf. (2023)."},{"key":"e_1_3_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/3230543.3230564"},{"key":"e_1_3_3_2_23_2","first-page":"383","volume-title":"9th USENIX Symposium on Networked Systems Design and Implementation (NSDI 12)","author":"Nowlan Michael\u00a0F","year":"2012","unstructured":"Michael\u00a0F Nowlan, Nabin Tiwari, Janardhan Iyengar, Syed\u00a0Obaid Amin, and Bryan Ford. 2012. Fitting Square Pegs Through Round Pipes: Unordered Delivery { Wire-Compatible} with { TCP} and { TLS}. In 9th USENIX Symposium on Networked Systems Design and Implementation (NSDI 12). 383\u2013398."},{"key":"e_1_3_3_2_24_2","first-page":"761","volume-title":"19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22)","author":"Olteanu Vladimir","year":"2022","unstructured":"Vladimir Olteanu, Haggai Eran, Dragos Dumitrescu, Adrian Popa, Cristi Baciu, Mark Silberstein, Georgios Nikolaidis, Mark Handley, and Costin Raiciu. 2022. An edge-queued datagram service for all datacenter traffic. In 19th USENIX Symposium on Networked Systems Design and Implementation (NSDI 22). USENIX Association, Renton, WA, 761\u2013777. https:\/\/www.usenix.org\/conference\/nsdi22\/presentation\/olteanu"},{"key":"e_1_3_3_2_25_2","volume-title":"2021 USENIX Annual Technical Conference (USENIX ATC 21)","author":"Ousterhout John","year":"2021","unstructured":"John Ousterhout. 2021. A Linux Kernel Implementation of the Homa Transport Protocol. In 2021 USENIX Annual Technical Conference (USENIX ATC 21). USENIX Association. https:\/\/www.usenix.org\/conference\/atc21\/presentation\/ousterhout"},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1145\/3445814.3446732"},{"key":"e_1_3_3_2_27_2","doi-asserted-by":"publisher","DOI":"10.1145\/3503222.3507711"},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/2079296.2079317"},{"key":"e_1_3_3_2_29_2","unstructured":"Jinglei Ren. [n. d.]. YCSB-C. https:\/\/github.com\/basicthinker\/YCSB-C. ([n. d.])."},{"key":"e_1_3_3_2_30_2","volume-title":"TLS Encrypted Client Hello","author":"Rescorla Eric","year":"2023","unstructured":"Eric Rescorla, Kazuho Oku, Nick Sullivan, and Christopher\u00a0A. Wood. 2023. TLS Encrypted Client Hello. Internet-Draft draft-ietf-tls-esni-17. Internet Engineering Task Force. https:\/\/datatracker.ietf.org\/doc\/draft-ietf-tls-esni\/17\/ Work in Progress."},{"key":"e_1_3_3_2_31_2","first-page":"4277","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Rothenberger Benjamin","year":"2021","unstructured":"Benjamin Rothenberger, Konstantin Taranov, Adrian Perrig, and Torsten Hoefler. 2021. ReDMArk: Bypassing RDMA Security Mechanisms. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, 4277\u20134292. https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/rothenberger"},{"key":"e_1_3_3_2_32_2","first-page":"785","volume-title":"18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21)","author":"Sapio Amedeo","year":"2021","unstructured":"Amedeo Sapio, Marco Canini, Chen-Yu Ho, Jacob Nelson, Panos Kalnis, Changhoon Kim, Arvind Krishnamurthy, Masoud Moshref, Dan Ports, and Peter Richtarik. 2021. Scaling Distributed Machine Learning with In-Network Aggregation. In 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21). USENIX Association, 785\u2013808. https:\/\/www.usenix.org\/conference\/nsdi21\/presentation\/sapio"},{"key":"e_1_3_3_2_33_2","doi-asserted-by":"publisher","DOI":"10.1145\/3600006.3613156"},{"key":"e_1_3_3_2_34_2","unstructured":"Amazon\u00a0Web Services. 2024. Security Pillar: AWS Well-Architected Framework. https:\/\/docs.aws.amazon.com\/wellarchitected\/latest\/security-pillar\/welcome.html. (2024)."},{"key":"e_1_3_3_2_35_2","doi-asserted-by":"crossref","unstructured":"Leah Shalev Hani Ayoub Nafea Bshara and Erez Sabbag. 2020. A cloud-optimized transport protocol for elastic and scalable hpc. IEEE micro 40 6 (2020) 67\u201373.","DOI":"10.1109\/MM.2020.3016891"},{"key":"e_1_3_3_2_36_2","doi-asserted-by":"publisher","DOI":"10.1145\/3484266.3487382"},{"key":"e_1_3_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1145\/3484266.3487382"},{"key":"e_1_3_3_2_38_2","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOMWKSHPS51825.2021.9484596"},{"key":"e_1_3_3_2_39_2","first-page":"691","volume-title":"2020 USENIX Annual Technical Conference (USENIX ATC 20)","author":"Taranov Konstantin","year":"2020","unstructured":"Konstantin Taranov, Benjamin Rothenberger, Adrian Perrig, and Torsten Hoefler. 2020. { sRDMA} \u2013Efficient { NIC-based} Authentication and Encryption for Remote Direct Memory Access. In 2020 USENIX Annual Technical Conference (USENIX ATC 20). 691\u2013704."},{"key":"e_1_3_3_2_40_2","unstructured":"Mellanox Technologies. 2020. Mellanox Corporate Update\u2014Unleashing the Power of Data. (2020)."},{"key":"e_1_3_3_2_41_2","first-page":"277","volume-title":"19th USENIX Conference on File and Storage Technologies (FAST 21)","author":"Wang Qing","year":"2021","unstructured":"Qing Wang, Youyou Lu, Erci Xu, Junru Li, Youmin Chen, and Jiwu Shu. 2021. Concordia: Distributed Shared Memory with In-Network Cache Coherence. In 19th USENIX Conference on File and Storage Technologies (FAST 21). USENIX Association, 277\u2013292. https:\/\/www.usenix.org\/conference\/fast21\/presentation\/wang"},{"key":"e_1_3_3_2_42_2","doi-asserted-by":"publisher","DOI":"10.1145\/3405796.3405827"},{"key":"e_1_3_3_2_43_2","first-page":"43","volume-title":"2016 USENIX Annual Technical Conference (USENIX ATC 16)","author":"Yasukata Kenichi","year":"2016","unstructured":"Kenichi Yasukata, Michio Honda, Douglas Santry, and Lars Eggert. 2016. StackMap: Low-Latency Networking with the OS Stack and Dedicated NICs. In 2016 USENIX Annual Technical Conference (USENIX ATC 16). USENIX Association, Denver, CO, 43\u201356. https:\/\/www.usenix.org\/conference\/atc16\/technical-sessions\/presentation\/yasukata"}],"event":{"name":"APNET 2025: The 9th Asia-Pacific Workshop on Networking","location":"Shang Hai China","acronym":"APNET 2025"},"container-title":["Proceedings of the 9th Asia-Pacific Workshop on Networking"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3735358.3735389","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,22]],"date-time":"2025-07-22T05:11:49Z","timestamp":1753161109000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3735358.3735389"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,6]]},"references-count":42,"alternative-id":["10.1145\/3735358.3735389","10.1145\/3735358"],"URL":"https:\/\/doi.org\/10.1145\/3735358.3735389","relation":{},"subject":[],"published":{"date-parts":[[2025,8,6]]},"assertion":[{"value":"2025-08-06","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}