Marcin Nawrocki, Pouyan Fotouhi Tehrani, Raphael Hiesgen, Jonas Mücke, Thomas C. Schmidt, Matthias Wählisch,
On the Interplay between TLS Certificates and QUIC Performance,
In: Proc. of 18th International Conference on emerging Networking EXperiments and Technologies (CoNEXT), p. 204–213, ACM : New York, NY, USA, 2022.
Best Paper Award and CoNEXT Community Award

Abstract: In this short paper, we revisit the performance of the QUIC connection setup and relate the design choices for fast and secure connections to common Web deployments. We analyze over 1M Web domains with 272k QUIC-enabled services and find two worrying results. First, current practices of creating, providing, and fetching Web certificates undermine reduced round trip times during the connection setup since sizes of 35% of server certificates exceed the amplification limit. Second, faulty server implementations lead to larger amplification factors than QUIC permits, which increase even further in IP spoofing scenarios. We present guidance for all involved stakeholders to improve the situation.

Themes: Network Security, Internet Measurement and Analysis


