nQUIC
Autor: | Nick Sullivan, Mathias Hall-Andersen, Alishah Chator, David Wong |
---|---|
Rok vydání: | 2018 |
Předmět: |
0301 basic medicine
Authentication business.industry Computer science Network packet computer.internet_protocol QUIC Public key infrastructure Public-key cryptography 03 medical and health sciences 030104 developmental biology 0302 clinical medicine 030220 oncology & carcinogenesis Key (cryptography) Key derivation function business computer Key exchange Computer network |
Zdroj: | EPIQ@CoNEXT |
DOI: | 10.1145/3284850.3284854 |
Popis: | We present nQUIC, a variant of QUIC-TLS that uses the Noise protocol framework for its key exchange and basis of its packet protector with no semantic transport changes. nQUIC is designed for deployment in systems and for applications that assert trust in raw public keys rather than PKI-based certificate chains. It uses a fixed key exchange algorithm, compromising agility for implementation and verification ease. nQUIC provides mandatory server and optional client authentication, resistance to Key Compromise Impersonation attacks, and forward and future secrecy of traffic key derivation, which makes it favorable to QUIC-TLS for long-lived QUIC connections in comparable applications. We developed two interoperable prototype implementations written in Go and Rust. Experimental results show that nQUIC finishes its handshake in a comparable amount of time as QUIC-TLS. |
Databáze: | OpenAIRE |
Externí odkaz: |