analysis of quic session establishment and its
play

Analysis of QUIC Session Establishment and its Implementations Eva - PowerPoint PPT Presentation

Feb 20, 2024 •361 likes •1.08k views

Analysis of QUIC Session Establishment and its Implementations Eva Gagliardi 1 , 2 Olivier Levillain 1 1 Tlcom SudParis 2 French Ministry of the Armies Sminaire SoSySec May 29th 2020 E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session

  1. Analysis of QUIC Session Establishment and its Implementations Eva Gagliardi 1 , 2 Olivier Levillain 1 1 Télécom SudParis 2 French Ministry of the Armies Séminaire SoSySec May 29th 2020 E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 1 / 29

  2. Introduction QUIC in a Nutshell QUIC Packet Protection A Look at QUIC Draft 23 Implementations Conclusion and Perspectives

  3. Introduction QUIC in a Nutshell QUIC Packet Protection A Look at QUIC Draft 23 Implementations Conclusion and Perspectives

  4. Introduction @pictyeye Olivier Levillain ◮ M2 internship on the FORK-256 hash function (2006) ◮ member of the systems security lab at ANSSI (2007-2012) ◮ head of the network security lab at ANSSI (2012-2015) ◮ head of the training center at ANSSI (2015-2018) ◮ associate professor at Télécom SudParis (2018-) E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 4 / 29

  5. Introduction @pictyeye Olivier Levillain ◮ M2 internship on the FORK-256 hash function (2006) ◮ member of the systems security lab at ANSSI (2007-2012) ◮ head of the network security lab at ANSSI (2012-2015) ◮ head of the training center at ANSSI (2015-2018) ◮ associate professor at Télécom SudParis (2018-) Research ◮ low-level security mechanisms in x86 CPUs (ACPI, SMM) ◮ PhD on SSL/TLS ◮ studies on the langages ◮ work on parsers and on network protocol implementations E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 4 / 29

  6. Introduction Documents and tools https://paperstreet.picty.org ◮ my PhD manuscript (if you are into TLS) ◮ articles and slides for most of my contributions and seminars E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 5 / 29

  7. Introduction Documents and tools https://paperstreet.picty.org ◮ my PhD manuscript (if you are into TLS) ◮ articles and slides for most of my contributions and seminars Active software projects ◮ Parsifal, a parser generator written in OCaml ◮ https://github.com/picty/concerto ◮ Concerto, a tool to analyse TLS campaigns and certificate chains ◮ https://github.com/picty/parsifal ◮ Wombat, one more Bleichenbacher toolkit ◮ https://gitlab.com/pictyeye/wombat E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 5 / 29

  8. Introduction The GASP project a Generic Approach to Secure network Protocols (2019-2022) ◮ description of protocol messages using simple languages ◮ network scans at large to better understand real world ecosystems ◮ description of protocol state machines using simple languages ◮ security evaluation of concrete implementation using different techniques (message-level fuzzing, state machine inference) E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 6 / 29

  9. Introduction The GASP project a Generic Approach to Secure network Protocols (2019-2022) ◮ description of protocol messages using simple languages ◮ network scans at large to better understand real world ecosystems ◮ description of protocol state machines using simple languages ◮ security evaluation of concrete implementation using different techniques (message-level fuzzing, state machine inference) Work in progress ◮ a platform to test and compare parser generators ◮ experimentations to fuzz existing state machines with L ⋆ ◮ reproduction of existing results on TLS ◮ extension to the discovery of Bleichenbacher oracles ◮ performance improvement ◮ application to DNS, TLS, QUIC, SSH E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 6 / 29

  10. Introduction The GASP project a Generic Approach to Secure network Protocols (2019-2022) ◮ description of protocol messages using simple languages ◮ network scans at large to better understand real world ecosystems ◮ description of protocol state machines using simple languages ◮ security evaluation of concrete implementation using different techniques (message-level fuzzing, state machine inference) Work in progress ◮ a platform to test and compare parser generators ◮ experimentations to fuzz existing state machines with L ⋆ ◮ reproduction of existing results on TLS ◮ extension to the discovery of Bleichenbacher oracles ◮ performance improvement ◮ application to DNS, TLS, QUIC , SSH E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 6 / 29

  11. Introduction Warnings about this presentation Most of the material presented here comes from the work from Eva Gagliardi (2019 internship) and was presented at WISTP last December E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 7 / 29

  12. Introduction Warnings about this presentation Most of the material presented here comes from the work from Eva Gagliardi (2019 internship) and was presented at WISTP last December The experiments were made against draft-23 implementations and may not accurately reflect on the current state of the ecosystem (current version is draft-28 , mostly with minor changes regarding the session establishment) E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 7 / 29

  13. Introduction QUIC in a Nutshell QUIC Packet Protection A Look at QUIC Draft 23 Implementations Conclusion and Perspectives

  14. QUIC in a Nutshell gQUIC and QUIC in a nutshell ◮ 2012: Google proposes a new protocol, QUIC ◮ multiplexed HTTP in a secure channel over UDP E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 9 / 29

  15. QUIC in a Nutshell gQUIC and QUIC in a nutshell ◮ 2012: Google proposes a new protocol, QUIC ◮ multiplexed HTTP in a secure channel over UDP ◮ 2014: First drafts about TLS 1.3, borrowing some ideas E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 9 / 29

  16. QUIC in a Nutshell gQUIC and QUIC in a nutshell ◮ 2012: Google proposes a new protocol, QUIC ◮ multiplexed HTTP in a secure channel over UDP ◮ 2014: First drafts about TLS 1.3, borrowing some ideas ◮ 2016: QUIC is proposed as an IETF item ◮ the original protocol is renamed gQUIC ◮ a new IETF WG is formed (quic) ◮ a more modular design is proposed, with the soon -to-be TLS 1.3 as the secure transport E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 9 / 29

  17. QUIC in a Nutshell gQUIC and QUIC in a nutshell ◮ 2012: Google proposes a new protocol, QUIC ◮ multiplexed HTTP in a secure channel over UDP ◮ 2014: First drafts about TLS 1.3, borrowing some ideas ◮ 2016: QUIC is proposed as an IETF item ◮ the original protocol is renamed gQUIC ◮ a new IETF WG is formed (quic) ◮ a more modular design is proposed, with the soon -to-be TLS 1.3 as the secure transport ◮ 2018:TLS 1.3 publication (RFC8446) E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 9 / 29

  18. QUIC in a Nutshell gQUIC and QUIC in a nutshell ◮ 2012: Google proposes a new protocol, QUIC ◮ multiplexed HTTP in a secure channel over UDP ◮ 2014: First drafts about TLS 1.3, borrowing some ideas ◮ 2016: QUIC is proposed as an IETF item ◮ the original protocol is renamed gQUIC ◮ a new IETF WG is formed (quic) ◮ a more modular design is proposed, with the soon -to-be TLS 1.3 as the secure transport ◮ 2018:TLS 1.3 publication (RFC8446) ◮ 2019-2020: ongoing work on QUIC drafts (leading to -draft28 versions) E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 9 / 29

  19. QUIC in a Nutshell gQUIC and QUIC in a nutshell ◮ 2012: Google proposes a new protocol, QUIC ◮ multiplexed HTTP in a secure channel over UDP ◮ 2014: First drafts about TLS 1.3, borrowing some ideas ◮ 2016: QUIC is proposed as an IETF item ◮ the original protocol is renamed gQUIC ◮ a new IETF WG is formed (quic) ◮ a more modular design is proposed, with the soon -to-be TLS 1.3 as the secure transport ◮ 2018:TLS 1.3 publication (RFC8446) ◮ 2019-2020: ongoing work on QUIC drafts (leading to -draft28 versions) Warning: this presentation is about IETF QUIC only E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 9 / 29

  20. QUIC in a Nutshell A Typical QUIC Connection Client Server Uses UDP Packets E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 10 / 29

  21. QUIC in a Nutshell A Typical QUIC Connection Client Server QUIC Initial (ClientHello) Uses UDP Packets Initial Protection E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 10 / 29

  22. QUIC in a Nutshell A Typical QUIC Connection Client Server QUIC Initial (ClientHello) QUIC Initial (ServerHello) Uses UDP Packets Initial Protection E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 10 / 29

  23. QUIC in a Nutshell A Typical QUIC Connection Client Server QUIC Initial (ClientHello) QUIC Initial (ServerHello) QUIC Handshake Uses UDP Packets (EncryptedExtensions + Certificate + CertVerify + Finished) Initial Protection Handshake Secrets E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 10 / 29

  24. QUIC in a Nutshell A Typical QUIC Connection Client Server QUIC Initial (ClientHello) QUIC Initial (ServerHello) QUIC Handshake Uses UDP Packets (EncryptedExtensions + Certificate + CertVerify + Finished) QUIC Handshake Initial Protection (Finished) Handshake Secrets E. Gagliardi, O. Levillain (TSP/MinArm) QUIC Session Establishment 2020-05-29 10 / 29

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Multiplexing UDP-based protocols with QUIC January 2018, Melbourne Multiplexing QUIC and RFC

Multiplexing UDP-based protocols with QUIC January 2018, Melbourne Multiplexing QUIC and RFC

Multiplexing UDP-based protocols with QUIC January 2018, Melbourne Multiplexing QUIC and RFC 7983 Problem: People want to use QUIC for things like WebRTC multiplexing with STUN, TURN and SRTP not using QUIC for RTP as in draft-rtpfolks-... 0-3

345 views • 5 slides
QUIC A New Internet Transport Presenter: Jana Iyengar QUIC and the IETF Nov 2013 Early design

QUIC A New Internet Transport Presenter: Jana Iyengar QUIC and the IETF Nov 2013 Early design

QUIC A New Internet Transport Presenter: Jana Iyengar QUIC and the IETF Nov 2013 Early design and experience (TSVAREA) Mar 2015 QUIC handshake (SAAG) Mar 2015 onwards Replacing QUIC's handshake with TLS1.3 July 2015 BarBoF, experimental

556 views • 24 slides
Unreliable Datagram Extension to QUIC draft-pauly-quic-datagram-00 Tommy Pauly , Eric Kinnear,

Unreliable Datagram Extension to QUIC draft-pauly-quic-datagram-00 Tommy Pauly , Eric Kinnear,

Unreliable Datagram Extension to QUIC draft-pauly-quic-datagram-00 Tommy Pauly , Eric Kinnear, David Schinazi QUIC IETF 103, November 2018, Bangkok 1 Why unreliable QUIC frames? Several application use cases take advantage of unreliable

346 views • 10 slides
QUIC passive RTT measurement IETF 99 By Ian Swett Background Almost all of QUIC is encrypted,

QUIC passive RTT measurement IETF 99 By Ian Swett Background Almost all of QUIC is encrypted,

QUIC passive RTT measurement IETF 99 By Ian Swett Background Almost all of QUIC is encrypted, including acks Network monitoring and AQM use RTT Only Handshake RTT is visible Issue #631 Motivation RTT (and change of RTT from baseline)

269 views • 8 slides
Multipath QUIC: Design and Evaluation Quentin De Coninck , Olivier Bonaventure

Multipath QUIC: Design and Evaluation Quentin De Coninck , Olivier Bonaventure

Multipath QUIC: Design and Evaluation Quentin De Coninck , Olivier Bonaventure quentin.deconinck@uclouvain.be multipath-quic.org QUIC = Quick UDP Internet Connection TCP/TLS1.3 atop UDP Stream multiplexing HTTP/2 use case 0-RTT

690 views • 56 slides
RA AC CE ER RS S W WH HO O C CA AR RE E, , I IN NC C. . R QUIC ICK TIP IPS ON

RA AC CE ER RS S W WH HO O C CA AR RE E, , I IN NC C. . R QUIC ICK TIP IPS ON

RA AC CE ER RS S W WH HO O C CA AR RE E, , I IN NC C. . R QUIC ICK TIP IPS ON WI WINNING IN LIFE IFE FIE IELD TRIP RIP PRO ROGRA RAM - RA RACER ERS INSPIRIN RING KID KIDS TO BEL ELIE IEVE VE IN THEM EMSELVE VES

795 views • 14 slides
Establishment Unit 9 Site Establishment and Procurement Site Establishment This section of

Establishment Unit 9 Site Establishment and Procurement Site Establishment This section of

Safety Management & Site Establishment Unit 9 Site Establishment and Procurement Site Establishment This section of this course seeks to focus on the physical establishment of a site, as with the selection of common temporary

780 views • 59 slides
Moving fast at scale Experience deploying IETF QUIC at Facebook Subodh Iyengar Luca Niccolini

Moving fast at scale Experience deploying IETF QUIC at Facebook Subodh Iyengar Luca Niccolini

Moving fast at scale Experience deploying IETF QUIC at Facebook Subodh Iyengar Luca Niccolini Overview FB Infra and QUIC deployment Infrastructure parity between TCP and QUIC Results Future and current work Anatomy of our load

696 views • 37 slides
Fast QUIC sockets with vector packet processing Aloys Augustin, Nathan Skrzypczak, Mathias

Fast QUIC sockets with vector packet processing Aloys Augustin, Nathan Skrzypczak, Mathias

Fast QUIC sockets with vector packet processing Aloys Augustin, Nathan Skrzypczak, Mathias Raoul, Dave Wallace 1 What is QUIC ? 2 3 The stack HTTP/2 HTTP/3 TLS QUIC TCP UDP IP 4 Nice properties Encryption by default ~ TLS 1.3

917 views • 37 slides
QUIC Tutorial A New Internet Transport What to expect in the next hour Brief history

QUIC Tutorial A New Internet Transport What to expect in the next hour Brief history

QUIC Tutorial A New Internet Transport What to expect in the next hour Brief history Motivations High-level overview of work Where the working group is today You may find this tutorial useful if: HTTP/2 and QUIC are

610 views • 28 slides
Zooming in and zooming out: Mixing qualitative and quantitative approaches to the analysis

Zooming in and zooming out: Mixing qualitative and quantitative approaches to the analysis

Zooming in and zooming out: Mixing qualitative and quantitative approaches to the analysis of textual data Graham Hughes QUIC Conference 2011 University of Surrey 4 th May 2011 n.hughes@surrey.ac.uk Focus of this session Analysis

513 views • 27 slides
Cubic Quiescence: Not So Inactive Jana Iyengar QUIC Q uick U DP I nternet C onnections A

Cubic Quiescence: Not So Inactive Jana Iyengar QUIC Q uick U DP I nternet C onnections A

Cubic Quiescence: Not So Inactive Jana Iyengar QUIC Q uick U DP I nternet C onnections A reliable, multiplexed transport over UDP Always encrypted Reduces latency Runs in user-space Open sourced in Chromium What is QUIC?

776 views • 12 slides
Analyzing The Adoption of QUIC From a Mobile Development Perspective In Workshop on Evolution,

Analyzing The Adoption of QUIC From a Mobile Development Perspective In Workshop on Evolution,

Analyzing The Adoption of QUIC From a Mobile Development Perspective In Workshop on Evolution, Performance, and Interoperability of QUIC (EPIQ 20) DIEGO MADARIAGA LUCAS TORREALBA JAVIER MADARIAGA JAVIERA BERMDEZ JAVIER

461 views • 27 slides
QUIC and TLS Adam Langley History The initial ideas for SPDY involved it being a UDP

QUIC and TLS Adam Langley History The initial ideas for SPDY involved it being a UDP

QUIC and TLS Adam Langley History The initial ideas for SPDY involved it being a UDP protocol. That was dropped to limit the scope. SPDY worked out OK and QUIC continues it by replacing TCP and TLS under SPDY/HTTP 2. History (2)

336 views • 10 slides
QUIC Quick UDP Internet Connections Multiplexed Stream Transport over UDP IETF-88 TSV Area

QUIC Quick UDP Internet Connections Multiplexed Stream Transport over UDP IETF-88 TSV Area

QUIC Quick UDP Internet Connections Multiplexed Stream Transport over UDP IETF-88 TSV Area Presentation 2013-11-7 Presentation by Jim Roskind <jar@> Google Corp What is QUIC? Effectively replaces TLS and TCP out from under SPDY

671 views • 25 slides
QUIC CPU Pergormance Can HTTP/3 be as efficient as HTTP/2 and HTTP 1.1? SIGCOMM EPIQ 2020,

QUIC CPU Pergormance Can HTTP/3 be as efficient as HTTP/2 and HTTP 1.1? SIGCOMM EPIQ 2020,

Proprietary + Confidential QUIC CPU Pergormance Can HTTP/3 be as efficient as HTTP/2 and HTTP 1.1? SIGCOMM EPIQ 2020, Presented by Ian Swett Proprietary + Confidential What are QUIC and HTTP/3? Proprietary + Confidential QUIC is a transporu

923 views • 34 slides
AQM Evaluation Criteria and Scenarios Naeem Khademi <naeemk@ifi.uio.no> Amadou B. Bagayoko

AQM Evaluation Criteria and Scenarios Naeem Khademi <naeemk@ifi.uio.no> Amadou B. Bagayoko

AQM Evaluation Criteria and Scenarios Naeem Khademi <naeemk@ifi.uio.no> Amadou B. Bagayoko <Amadou.Bagayoko@telecom-bretagne.eu> Gorry Fairhurst <gorry@erg.abdn.ac.uk> Chamil Kulatunga <chamil@erg.abdn.ac.uk> David Ros

461 views • 19 slides
Commissioning of VUV-MPPCs for MEG II Liquid Xenon Detector W. Ootani ICEPP , The University of

Commissioning of VUV-MPPCs for MEG II Liquid Xenon Detector W. Ootani ICEPP , The University of

Commissioning of VUV-MPPCs for MEG II Liquid Xenon Detector W. Ootani ICEPP , The University of Tokyo International Conference on the Advancement of Silicon Photomultipliers Jun. 11th-15th, 2018, Schwetzingen, Germany MEG II Experiment

623 views • 26 slides
DRAFT Dune Grounding and Shielding Guidelines 1.0 Introduction The DUNE detector is being

DRAFT Dune Grounding and Shielding Guidelines 1.0 Introduction The DUNE detector is being

25FEB2019 DocDB 10042 DRAFT Dune Grounding and Shielding Guidelines 1.0 Introduction The DUNE detector is being constructed such that it will operate as an isolated system. It will have its own dedicated Detector Ground which is

185 views • 4 slides
Deep Machine Learning on FPGAs for L1 Trigger and Data Acquisition Jennifer Ngadiuba, Vladimir

Deep Machine Learning on FPGAs for L1 Trigger and Data Acquisition Jennifer Ngadiuba, Vladimir

Deep Machine Learning on FPGAs for L1 Trigger and Data Acquisition Jennifer Ngadiuba, Vladimir Loncar, Maurizio Pierini [CERN] Giuseppe Di Guglielmo [Columbia University] Javier Duarte, Burt Holzman, Sergo Jindariani, Ben Kreis, Mia Liu, Kevin

1.07k views • 36 slides
Photon Detector Readout Plan Zelimir Djurcic, Patrick De Lurgio, Gary Drake, Michael Oberling

Photon Detector Readout Plan Zelimir Djurcic, Patrick De Lurgio, Gary Drake, Michael Oberling

Photon Detector Readout Plan Zelimir Djurcic, Patrick De Lurgio, Gary Drake, Michael Oberling Argonne National Laboratory zdjurcic@anl.gov, drake@anl.gov DUNE Photon Detection Review, August 2-3 2016 Introduction The Following Review

459 views • 24 slides
4/15/2018 [1] PE Prof. Mor M. Peretz Analog Electronic Circuits 361-1-3671 M I C T HE C

4/15/2018 [1] PE Prof. Mor M. Peretz Analog Electronic Circuits 361-1-3671 M I C T HE C

4/15/2018 [1] PE Prof. Mor M. Peretz Analog Electronic Circuits 361-1-3671 M I C T HE C ENTER FOR P OWER E LECTRONICS AND M IXED -S IGNAL IC, B EN -G URION U NIVERSITY BGU Analog Electronic Circuits Prof. Mor M. Peretz The Center for

467 views • 9 slides
arXiv:1208.1461v3 [hep-ex] 6 Feb 2013 S. L. Li 1 , W. D. Li 1 , W. G. Li 1 , X. L. Li 28 , X. N.

arXiv:1208.1461v3 [hep-ex] 6 Feb 2013 S. L. Li 1 , W. D. Li 1 , W. G. Li 1 , X. L. Li 28 , X. N.

Evidence for c and Measurement of J/ 3 M. Ablikim 1 , M. N. Achasov 6 , D. J. Ambrose 39 , F. F. An 1 , Q. An 40 , Z. H. An 1 , J. Z. Bai 1 , Y. Ban 26 , J. Becker 2 , J. V. Bennett 16 , M. Bertani 17 A , J. M. Bian 38 , E.

707 views • 7 slides
Shielding property of cascode architecture IIT-Bombay

Shielding property of cascode architecture IIT-Bombay

5 5 Shielding property of cascode architecture IIT-Bombay Lecture 11 M. Shojaei Baghini 6 6 Folded Cascode Amplifier Assignment for the students: Analysis

79 views • 7 slides

More recommend