Title
Secure Communication Channel Establishment: TLS 1.3 (over TCP Fast Open) vs. QUIC
Abstract
Secure channel establishment protocols such as TLS are some of the most important cryptographic protocols, enabling the encryption of Internet traffic. Reducing the latency (the number of interactions between parties) in such protocols has become an important design goal to improve user experience. The most important protocols addressing this goal are TLS 1.3 over TCP Fast Open (TFO), Google's QUIC over UDP, and QUIC[TLS] (a new design for QUIC that uses TLS 1.3 key exchange) over UDP. There have been a number of formal security analyses for TLS 1.3 and QUIC, but their security, when layered with their underlying transport protocols, cannot be easily compared. Our work is the first to thoroughly compare the security and availability properties of these protocols. Towards this goal, we develop novel security models that permit "layered" security analysis. In addition to the standard goals of server authentication and data privacy and integrity, we consider the goals of IP spoofing prevention, key exchange packet integrity, secure channel header integrity, and reset authentication, which capture a range of practical threats not usually taken into account by existing security models that focus mainly on the crypto cores of the protocols. Equipped with our new models we provide a detailed comparison of the above three protocols. We hope that our results will help protocol designers in their future protocol analyses and practitioners to better understand the advantages and limitations of novel secure channel establishment protocols.
Year: 2019
DOI: 10.1007/978-3-030-29959-0_20
Venue: COMPUTER SECURITY - ESORICS 2019, PT I
Keywords: Applied cryptography, Provable security, TLS, QUIC, Secure channel, Availability, Network protocols
Field: Secure channel, Cryptographic protocol, Computer science, Computer security, IP address spoofing, TCP Fast Open, QUIC, Computer security model, Secure communication, Communications protocol
DocType:
Journal:
Volume: 11735
ISSN: 0302-9743
Citations: 0
PageRank: 0.34
References: 0
Authors: 5
Name                    Order   Citations   PageRank
Shan Chen               1       59          3.07
Samuel Jero             2       58          8.15
Matthew Jagielski       3       47          5.62
Alexandra Boldyreva     4       0           0.34
Cristina Nita-Rotaru    5       1855        100.14