Henrique Becker Brum

Research Center: Cyber Security
Research Unit: DAISY
Cycle: 40
Università degli Studi di Trento

Offloading Security to Programmable Data Planes

Programmable Data Planes (PDPs) offer the ability to customise and control the processing of network packets, either within network devices such as routers, switches, and SmartNICs, or within end-host machines through technologies like eBPF (extended Berkeley Packet Filter) or other programmable frameworks. PDPs empower developers to define and implement customised packet processing logic, spanning from fundamental packet filtering and forwarding to more sophisticated tasks like load balancing, network virtualisation, and security enforcement.

While they promise to deliver enhanced flexibility and performance to processes and services, the capabilities of PDPs are still largely being explored, proven, and assessed. As a matter of fact, due to design and implementation decisions, they are often restricted in the range and types of operations they can perform on packets. This thesis aims to delve into novel and advanced methodologies for offloading complex tasks, particularly security-focused ones such as cryptography, traffic analysis, and filtering, onto PDPs, with the objective of striking the right balance between performance and complexity. The candidate is expected to analyse alternative solutions in which tasks are either entirely or partially offloaded, and to conduct experimental assessments comparing the outcomes against legacy approaches.

Advisor: Domenico Siracusa