Improving Encrypted Transport Protocol Designs: Deep Dive on the QUIC Case
Authors: Florentin Rochet
Journal: arXiv - CS - Cryptography and Security
Publication date: 2024-09-11
DOI: arxiv-2409.07138 (https://doi.org/arxiv-2409.07138)

In this paper, we propose revisiting the design of existing encrypted
transport protocols to improve their efficiency. We call the methodology
"Reverso", from reversing the order of field elements within a protocol
specification. We detail how such a benign-looking change within the
specifications may unlock implementation optimizations for encrypted protocols.
To demonstrate our findings, we release quiceh, a QUIC implementation of QUIC
VReverso, an extension of the QUIC V1 standard (RFC 9000). Our methodology
applied to the QUIC protocol shows a ~30% CPU efficiency improvement for
processing packets, at no added cost on the sender side and without relaxing any
security guarantee of QUIC V1. We also implement a fork of Cloudflare's
HTTP/3 module and client/server demonstrator using quiceh and show that our
optimizations transfer directly to HTTP/3 as well, making our new
HTTP/3 ~38% more efficient than the baseline implementation using QUIC
V1. We argue that Reverso applies to any modern encrypted protocol and its
implementations, and that similar efficiency improvements can also be unlocked
for them, independently of the layer in which they operate.