A First Look at QUIC in the Wild

  title={A First Look at QUIC in the Wild},
  author={Jan R{\"u}th and Ingmar Poese and Christoph Dietzel and Oliver Hohlfeld},
For the first time since the establishment of TCP and UDP, the Internet transport layer is subject to a major change by the introduction of QUIC. Initiated by Google in 2012, QUIC provides a reliable, connection-oriented low-latency and fully encrypted transport. In this paper, we provide the first broad assessment of QUIC usage in the wild. We monitor the entire IPv4 address space since August 2016 and about 46% of the DNS namespace to detected QUIC-capable infrastructures. Our scans show that… 

It's over 9000: analyzing early QUIC deployments with the standardization on the horizon

It is argued that the current deployment state and diversity of existing implementations and seen configurations solidifies the importance of QUIC as a future research topic and provides and evaluates a versatile tool set, to identify QUIC capable hosts and their properties.

One to Rule them All? A First Look at DNS over QUIC

Analyzing the response times of DoQ, it is found that roughly 40% of measurements show considerably higher handshake times than expected, which traces back to the enforcement of the traffic amplification limit despite successful validation of the client’s address.

A QUIC Implementation for ns-3

This paper presents a native implementation of QUIC for ns-3, describing the features it implemented, the main assumptions and differences with respect to the QUIC Internet Drafts, and a set of examples.

Pluginizing QUIC

This paper proposes Pluginized QUIC (PQUIC), a framework that enables QUIC clients and servers to dynamically exchange protocol plugins that extend the protocol on a per-connection basis and demonstrates the modularity of this proposal by implementing and evaluating very different plugins ranging from connection monitoring to multipath or Forward Erasure Correction.

COP2: Continuously Observing Protocol Performance

This work presents a new monitoring framework, Flowcorder, which leverages information already maintained by the end-hosts and records Key Performance Indicators (KPIs) from their transport protocols and inserts lightweight eBPF probes at runtime in the protocol implementations.

Extending the ns-3 QUIC Module

This work presents the integration of BBR into the QUIC module and the implementation of the necessary pacing and rate sampling mechanisms, along with a novel scheduling interface, with three different scheduling flavors.

Evaluating QUIC Performance Over Web, Cloud Storage, and Video Workloads

This work evaluates QUIC performance over the web, cloud storage, and video workloads and compares them to traditional TLS/TCP and observes that QUIC tends to depict better video content delivery with reduced stall events and up to 50% lower stall durations due to its lower latency overheads.

The Era of TLS 1.3: Measuring Deployment and Use with Active and Passive Methods

This study conducts the first study of TLS 1.3 deployment and use since its standardization by the IETF and establishes and investigates the critical contribution that hosting services and CDNs make to the fast, initial uptake of the protocol.

Impact of Evolving Protocols and COVID-19 on Internet Traffic Shares

The observations in this study reconfirm that traffic shares change with time and can vary greatly depending on the vantage point studied despite the use of the same generalized methodology and analyses, which can also be applied to other traffic monitoring datasets.

QUIC performance over a public SATCOM access

It is concluded that specific tuning are required when any-QUIC runs over a high BDP network.



Taking a long look at QUIC

An approach that allows analysis across multiple versions of QUIC to understand how code changes impact protocol effectiveness and identifies performance issues related to window sizes, re-ordered packets, and multiplexing large number of small objects is developed.

QUIC: Better for what and for whom?

This paper presents the results of the evaluation of QUIC, performed on a local testbed as well as on Internet, and the analysis to identify in which conditions QUIC is of interest, which actors can benefit from having QUIC deployed in the network and what impacts QUIC can lead to.

The QUIC Transport Protocol: Design and Internet-Scale Deployment

We present our experience with QUIC, an encrypted, multiplexed, and low-latency transport protocol designed from the ground up to improve transport performance for HTTPS traffic and to enable rapid

TCP fast open

The design, implementation, and deployment of the TCP Fast Open protocol is described, a new mechanism that enables data exchange during TCP's initial handshake that decreases application network latency by one full round-trip time, decreasing the delay experienced by such short TCP transfers.

How Secure and Quick is QUIC? Provable Security and Performance Analyses

This work introduces a security model for analyzing performance-driven protocols like QUIC and proves that QUIC satisfies its definition under reasonable assumptions on the protocol's building blocks, but finds that it does not satisfy the traditional notion of forward secrecy provided by some modes of TLS, e.g., TLS-DHE.

HTTP over UDP: an experimental investigation of QUIC

This paper investigates "Quick UDP Internet Connections" (QUIC), which was proposed by Google in 2012 as a reliable protocol on top of UDP in order to reduce Web Page retrieval time and finds that QUIC reduces the overall page retrieval time with respect to HTTP.

Multi-Stage Key Exchange and the Case of Google's QUIC Protocol

This work revisits the previous security of model of Brzuska et al. (CCS'11) and expands it into a multi-stage key exchange model in the style of Bellare and Rogaway, and shows that QUIC is an adequately secure multi- stage key exchange protocol and meets the suggested security properties of the designers.

On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption

Two attacks which transfer the potential weakness of prior TLS versions to two recently proposed protocols that do not even support PKCS#1 v1.5 are described, namely Google's QUIC protocol and TLS~1.3.

How Hard Can It Be? Designing and Implementing a Deployable Multipath TCP

The constraints--partly due to various types of middleboxes-- that influenced the design of Multipath TCP are reviewed and how the implementation was handled is shown to achieve its deployability goals.

ZMap: Fast Internet-wide Scanning and Its Security Applications

ZMap is introduced, a modular, open-source network scanner specifically architected to perform Internet-wide scans and capable of surveying the entire IPv4 address space in under 45 minutes from user space on a single machine, approaching the theoretical maximum speed of gigabit Ethernet.