论文信息 - Analysis of QUIC Session Establishment and Its Implementations

Analysis of QUIC Session Establishment and Its Implementations

In the recent years, the major web companies have been working to improve the user experience and to secure the communications between their users and the services they provide. QUIC is such an initiative, and it is currently being designed by the IETF. In a nutshell, QUIC originally intended to merge features from TCP/SCTP, TLS 1.3 and HTTP/2 into one big protocol. The current specification proposes a more modular definition, where each feature (transport, cryptography, application, packet reemission) are defined in separate internet drafts.

Olivier Levillain | Eva Gagliardi | O. Levillain | Eva Gagliardi

[1] Martin Thomson,et al. Version-Independent Properties of QUIC , 2019, Request for Comments.

[2] Mike Bishop,et al. Hypertext Transfer Protocol Version 3 (HTTP/3) , 2020 .

[3] Mirja Kühlewind,et al. Applicability of the QUIC Transport Protocol , 2020 .

[4] Kenneth L. McMillan,et al. Formal specification and testing of QUIC , 2019, SIGCOMM.

[5] Sergey Bratus,et al. The Seven Turrets of Babel: A Taxonomy of LangSec Errors and How to Expunge Them , 2016, 2016 IEEE Cybersecurity Development (SecDev).

[6] Alan Frindell,et al. QPACK: Header Compression for HTTP/3 , 2020 .

[7] Martin Thomson,et al. QUIC: A UDP-Based Multiplexed and Secure Transport , 2020, RFC.

[8] Martin Thomson,et al. Using TLS to Secure QUIC , 2020, RFC.

[9] Ian Swett,et al. QUIC Loss Detection and Congestion Control , 2020, RFC.

[10] Tibor Jager,et al. On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption , 2015, CCS.