Modernizing Network Security with nQUIC Noise-Based Packet Protection


Explore the evolution of network security mechanisms through nQUIC Noise protocol, comparing it against traditional HTTPS stack. Delve into the secure transmission aspects of TCP/IP, TLS, and the innovative approaches of QUIC protocol, emphasizing the significance of securing protocols with TLS in modern network infrastructures.


Uploaded on Jul 22, 2024



Presentation Transcript


  1. nQUIC: Noise-Based Packet Protection. Mathias Hall-Andersen* (University of Copenhagen), David Wong* (Facebook), Alishah Chator (Johns Hopkins University), Nick Sullivan (Cloudflare). *Work done while at NCC Group. Work done while at Cloudflare.

  2-6. The Traditional HTTPS Stack. Layers, top to bottom: HTTP (multiplexed streams), TLS (security), TCP (reliability), IP. Slide 6 adds the label Ossification at the TCP layer.

  7-8. The QUIC way of doing things. Side by side: HTTP / TLS / TCP / IP versus HTTP / QUIC (with TLS inside it) / UDP / IP. In the QUIC stack, multiplexed streams, security and reliability all live in QUIC.

  9-13. Securing Protocols with TLS: TCP. The TLS Handshake Layer (handshake messages, application data, TLS alerts) sits on the TLS Record Layer (applies cryptographic protection), which sits on TCP (reliable transport).

  14-15. Securing Protocols with TLS: QUIC. TLS handles the handshake and alerts; application data goes to QUIC, which supplies both packet protection and reliable transport.

  16-20. Handshake Modularity. Keys are extracted from the TLS handshake (handshake/alerts) and handed to the QUIC Packet Protector, which uses them to protect packets. This separates how the handshake is performed from how the keys are used.

  21-26. Handshake Modularity? The specifications focus on TLS 1.3, which limits the advantages of modularity:
  - Avoiding complexity when it is not needed
  - Swapping in new protocols with full security proofs
  - Legacy support is not always needed
  In addition, TLS implementations need significant modification before they can be integrated with QUIC.

  27. Are there circumstances we can do better than TLS 1.3?

  28-31. What is Noise? A framework for specifying cryptographic handshakes. A variety of protocols can be specified using the simple Noise language, and these protocols can vary in their guarantees and complexity. However, once a protocol is selected, the handshake proceeds in a straightforward fashion.

  32-34. What is Noise? The Noise language consists of tokens, which combine into message patterns, which in turn combine into handshake patterns. Public key tokens: s, e. DH tokens: ss, se, es, ee.

  35-41. What is Noise? Here is a basic example handshake pattern:
  -> e, payload
  <- e, ee, payload
  - Initiator sends a public ephemeral DH share (e)
  - A cleartext payload is also sent over
  - Responder sends a public ephemeral DH share (e)
  - A DHKE (ee) is performed using these keys to obtain
  - Responder sends payload encrypted under a derived key
  - Noise does additional processing to mix all handshake data into the derived key
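The pattern above run end to end, as an added example that is not code from the paper or from the nQUIC project: a Noise NN handshake with the spec's SymmetricState operations (MixHash, MixKey, the two-output HKDF, Split), both messages, the transcript hash used as AEAD associated data, and Split() producing the keys a packet protector would consume (the modularity point of slides 16-20). The DH group and AEAD are constructed toy stand-ins for X25519 and ChaCha20-Poly1305 so the block runs on the standard library alone; the protocol name and all payloads are likewise constructed.

```python
import hashlib, hmac, os
P, G, KLEN = (1 << 127) - 1, 5, 16   # toy finite-field DH group: constructed stand-in for X25519, NOT secure
def dh_keygen():
    priv = int.from_bytes(os.urandom(16), "big") % P
    return priv, pow(G, priv, P).to_bytes(KLEN, "big")
def dh(priv, pub): return pow(int.from_bytes(pub, "big"), priv, P).to_bytes(KLEN, "big")
def _mac(k, n, ad, ct): return hmac.new(k, n.to_bytes(8, "big") + ad + ct, hashlib.sha256).digest()[:16]
def _xor(k, n, data):   # SHA-256 keystream + HMAC tag: constructed stand-in for ChaCha20-Poly1305, NOT secure
    ks = b"".join(hashlib.sha256(k + n.to_bytes(8, "big") + bytes([i])).digest() for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))
def aead_seal(k, n, ad, pt): ct = _xor(k, n, pt); return ct + _mac(k, n, ad, ct)
def aead_open(k, n, ad, ct):
    body, tag = ct[:-16], ct[-16:]
    if not hmac.compare_digest(tag, _mac(k, n, ad, body)): raise ValueError("AEAD tag mismatch")
    return _xor(k, n, body)
def hkdf(ck, ikm):   # Noise HKDF: temp = HMAC(ck, ikm); out1 = HMAC(temp, 0x01); out2 = HMAC(temp, out1 || 0x02)
    t = hmac.new(ck, ikm, hashlib.sha256).digest()
    o1 = hmac.new(t, b"\x01", hashlib.sha256).digest()
    return o1, hmac.new(t, o1 + b"\x02", hashlib.sha256).digest()
class NoiseNN:   # handshake pattern NN:  -> e   <- e, ee   (SymmetricState folded in for brevity)
    def __init__(self):
        name = b"Noise_NN_toyDH_toyAEAD_SHA256"   # Initialize(): h = protocol name padded to HASHLEN, ck = h
        self.h = name.ljust(32, b"\0") if len(name) <= 32 else hashlib.sha256(name).digest()
        self.ck, self.k, self.n, self.e, self.re = self.h, None, 0, None, None
    def mix_hash(self, data): self.h = hashlib.sha256(self.h + data).digest()   # transcript hash
    def mix_key(self, ikm): self.ck, self.k = hkdf(self.ck, ikm); self.n = 0     # chaining key -> new k
    def enc_hash(self, pt):   # payload is cleartext until the first DH; afterwards h is the AEAD's AD
        if self.k is None: self.mix_hash(pt); return pt
        ct = aead_seal(self.k, self.n, self.h, pt); self.n += 1; self.mix_hash(ct); return ct
    def dec_hash(self, ct):
        if self.k is None: self.mix_hash(ct); return ct
        pt = aead_open(self.k, self.n, self.h, ct); self.n += 1; self.mix_hash(ct); return pt
    def write(self, payload, ee=False):   # token e: send ephemeral, MixHash it; token ee: MixKey(DH(e, re))
        self.e = dh_keygen(); self.mix_hash(self.e[1])
        if ee: self.mix_key(dh(self.e[0], self.re))
        return self.e[1] + self.enc_hash(payload)
    def read(self, msg, ee=False):
        self.re = msg[:KLEN]; self.mix_hash(self.re)
        if ee: self.mix_key(dh(self.e[0], self.re))
        return self.dec_hash(msg[KLEN:])
    def split(self): return hkdf(self.ck, b"")   # Split(): two traffic keys handed to the packet protector
def run_handshake(tamper=False):
    i, r = NoiseNN(), NoiseNN()
    m1 = i.write(b"hello")                          # -> e, payload (cleartext)
    if tamper: m1 = m1[:-1] + bytes([m1[-1] ^ 1])   # constructed in-flight bit flip of the cleartext payload
    r.read(m1)
    m2 = r.write(b"welcome", ee=True)               # <- e, ee, payload (encrypted under the derived key)
    try: payload = i.read(m2, ee=True)
    except ValueError: return None                  # transcript hashes differ, so the AD check fails: abort
    return payload, i.split() == r.split()          # both sides hold the same packet-protection keys
```

The tamper path shows why the cleartext first payload is still covered: it is mixed into h, so any change to it makes the responder's encrypted payload fail to open and the handshake aborts before any traffic key is used.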

  42-45. Noise vs TLS. Once a handshake pattern is selected, Noise follows a simple linear state machine. Noise is easy to prove secure. Noise is generally implemented as a build-your-own-protocol library. Noise lacks cryptographic agility.

  46-48. Peer Authentication and Pinning. Traditionally, authentication of peers in TLS involves a PKI: a chain of trust from Leaf to Intermediary to Root. However, this is not necessary in a centrally managed setting.

  49-50. Peer Authentication and Pinning. Pinning instructs a peer to expect a specific key. This is similar to the pre-shared symmetric key (PSK) setting.
