TY - GEN
T1 - Analysis of QUIC Session Establishment and Its Implementations
AU - Gagliardi, Eva
AU - Levillain, Olivier
N1 - Publisher Copyright:
© IFIP International Federation for Information Processing 2020.
PY - 2020/1/1
Y1 - 2020/1/1
AB - In recent years, the major web companies have been working to improve the user experience and to secure the communications between their users and the services they provide. QUIC is such an initiative, and it is currently being designed by the IETF. In a nutshell, QUIC was originally intended to merge features from TCP/SCTP, TLS 1.3 and HTTP/2 into one big protocol. The current specification proposes a more modular definition, where each feature (transport, cryptography, application, packet reemission) is defined in a separate internet draft. We studied the QUIC internet drafts related to the transport and cryptographic layers, from version 18 to version 23, and focused on the connection establishment with existing implementations. We propose a first implementation of QUIC connection establishment using Scapy, which allowed us to forge a critical opinion of the current specification, with a special focus on the induced difficulties in the implementation. With our simple stack, we also tested the behaviour of the existing implementations with regard to security-related constraints (explicit or implicit) from the internet drafts. This gives us an interesting view of the state of QUIC implementations.
KW - Protocol implementation
KW - QUIC
KW - Secure communications
U2 - 10.1007/978-3-030-41702-4_11
DO - 10.1007/978-3-030-41702-4_11
M3 - Conference contribution
AN - SCOPUS:85082307657
SN - 9783030417017
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 169
EP - 184
BT - Information Security Theory and Practice - 13th IFIP WG 11.2 International Conference, WISTP 2019, Proceedings
A2 - Laurent, Maryline
A2 - Giannetsos, Thanassis
PB - Springer
T2 - 13th IFIP WG 11.2 International Conference on Information Security Theory and Practice, WISTP 2019
Y2 - 11 December 2019 through 12 December 2019
ER -