Cryptology ePrint Archive: Report 2019/028

nQUIC: Noise-Based QUIC Packet Protection

Mathias Hall-Andersen and David Wong and Nick Sullivan and Alishah Chator

Abstract: We present nQUIC, a variant of QUIC-TLS that uses the Noise protocol framework for its key exchange and basis of its packet protector with no semantic transport changes. nQUIC is designed for deployment in systems and for applications that assert trust in raw public keys rather than PKI-based certificate chains. It uses a fixed key exchange algorithm, compromising agility for implementation and verification ease. nQUIC provides mandatory server and optional client authentication, resistance to Key Compromise Impersonation attacks, and forward and future secrecy of traffic key derivation, which makes it favorable to QUIC-TLS for long-lived QUIC connections in comparable applications. We developed two interoperable prototype implementations written in Go and Rust. Experimental results show that nQUIC finishes its handshake in a comparable amount of time as QUIC-TLS.

Category / Keywords: cryptographic protocols / UDP, QUIC, SSL, TLS, Noise protocol framework, post-compromise security

Original Publication (in the same form):

Date: received 12 Jan 2019

Contact author: moi at davidwong fr

Available format(s): PDF | BibTeX Citation

Version: 20190115:192433 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]