Paper 2019/028

nQUIC: Noise-Based QUIC Packet Protection

Mathias Hall-Andersen, David Wong, Nick Sullivan, and Alishah Chator

Abstract

We present nQUIC, a variant of QUIC-TLS that uses the Noise protocol framework for its key exchange and basis of its packet protector with no semantic transport changes. nQUIC is designed for deployment in systems and for applications that assert trust in raw public keys rather than PKI-based certificate chains. It uses a fixed key exchange algorithm, compromising agility for implementation and verification ease. nQUIC provides mandatory server and optional client authentication, resistance to Key Compromise Impersonation attacks, and forward and future secrecy of traffic key derivation, which makes it favorable to QUIC-TLS for long-lived QUIC connections in comparable applications. We developed two interoperable prototype implementations written in Go and Rust. Experimental results show that nQUIC finishes its handshake in a comparable amount of time as QUIC-TLS.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. https://dl.acm.org/citation.cfm?id=3284854
DOI
10.1145/3284850.3284854
Keywords
UDPQUICSSLTLSNoise protocol frameworkpost-compromise security
Contact author(s)
moi @ davidwong fr
History
2019-01-15: received
Short URL
https://ia.cr/2019/028
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2019/028,
      author = {Mathias Hall-Andersen and David Wong and Nick Sullivan and Alishah Chator},
      title = {nQUIC: Noise-Based QUIC Packet Protection},
      howpublished = {Cryptology ePrint Archive, Paper 2019/028},
      year = {2019},
      doi = {10.1145/3284850.3284854},
      note = {\url{https://eprint.iacr.org/2019/028}},
      url = {https://eprint.iacr.org/2019/028}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.