diff --git a/lib/load_gen/common.js b/lib/load_gen/common.js
index 619b989dd7b274dc0414f0bc5d37567d97c13205..cd31954fb5ec5d3fe24e5eeedf18ac8a385a8b73 100644
--- a/lib/load_gen/common.js
+++ b/lib/load_gen/common.js
@@ -78,8 +78,8 @@ exports.genAssertionAndVerify = function(cfg, user, ctx, email, audience, cb) {
     });
 
     wcli.post(cfg, '/verify', {}, {
-      audience: audience,
-      assertion: assertion
+      audience: assertion.audience,
+      assertion: assertion.assertion
     }, function (r) {
       try {
         if (r.code !== 200) throw "non-200 status: " + resp.code;
diff --git a/lib/load_gen/crypto.js b/lib/load_gen/crypto.js
index aa4735336dfb153739f14587362631c65b9e9311..e8ca1c43494978c1b1b5f80ac4aa53ba80daa325 100644
--- a/lib/load_gen/crypto.js
+++ b/lib/load_gen/crypto.js
@@ -27,12 +27,39 @@ exports.getKeyPair = function() {
   return userDB.any(keyPairs);
 };
 
+var assertions = [];
+
 exports.getAssertion = function(obj) {
-  // XXX: we can memoize here at some point, returning existing assertions
-  // to reduce compute cost of loadgen client, to simulate more load
-  // on servers
-  var expirationDate = new Date(obj.now.getTime() + (2 * 60 * 1000));
-  var tok = new jwt.JWT(null, expirationDate, obj.audience);
-  var assertion = vep.bundleCertsAndAssertion([obj.cert], tok.sign(obj.secretKey));
-  return assertion;
+  // we can memoize here, returning existing assertions to reduce
+  // compute cost of loadgen client, to simulate more load on servers
+
+  // this is a synthetic benchmark and for assertions we don't really care
+  // what email or RP is associated with the assertion, just that
+  // it applies load.
+
+  function genAssertion() {
+    var expirationDate = new Date(obj.now.getTime() + (2 * 60 * 1000));
+    var tok = new jwt.JWT(null, expirationDate, obj.audience);
+    var assertion = vep.bundleCertsAndAssertion([obj.cert], tok.sign(obj.secretKey));
+
+    return {
+      audience: obj.audience,
+      assertion: assertion,
+      expirationDate: expirationDate
+    };
+  }
+
+  if (assertions.length >= 30) {
+    var which = Math.floor(Math.random()*30)
+    var assertion = assertions[which];
+    // consider assertions which expire in the next minute stale
+    if ((assertion.expirationDate - new Date()) < (60 * 1000)) {
+      assertion = assertions[which] = genAssertion();
+    }
+    return assertions[which];
+  }
+
+  var a = genAssertion();
+  assertions.push(a);
+  return a;
 };