DeepAI AI Chat
Log In Sign Up

Surfing the Web quicker than QUIC via a shared Address Validation

by   Erik Sy, et al.

QUIC is a performance-optimized secure transport protocol and a building block of the upcoming HTTP/3 standard. To protect against denial-of-service attacks, QUIC servers need to validate the IP addresses claimed by their clients. So far, the QUIC protocol conducts address validation for each hostname separately using validation tokens. In this work, we review this practice and introduce a new QUIC transport parameter to allow a shared address validation across hostnames. This parameter indicates to the client, that an issued validation token can be used to abbreviate the address validation when connecting to specific other hostnames. Based on trust-relations between real-world hostnames we evaluate the performance benefits of our proposal. Our results suggest that a shared address validation saves a round-trip time on almost 60 loading of an average website. Assuming a typical transatlantic connection with a round-trip time of 90ms. We find that deploying our proposal reduces the delay overhead to establish all required connections for an average website by 142.2ms.


page 1

page 2

page 3

page 4


QUICker connection establishment with out-of-band validation tokens

QUIC is a secure transport protocol and aims to improve the performance ...

Enhanced Performance for the encrypted Web through TLS Resumption across Hostnames

TLS can resume previous connections via abbreviated resumption handshake...

JSON Web Token (JWT) based client authentication in Message Queuing Telemetry Transport (MQTT)

This paper is an overview of JSON Web Token (JWT) and Transport Layer Se...

Enhanced Performance and Privacy via Resolver-Less DNS

The domain name resolution into IP addresses can significantly delay con...

TurboTLS: TLS connection establishment with 1 less round trip

We show how to establish TLS connections using one less round trip. In o...

Towards Simplifying PKI Implementation: Client-Server based Validation of Public Key Certificates

With real-time certificate validation checking, a public-key-using syste...

Source Address Validation

Source address validation (SAV) is a standard formalized in RFC 2827 aim...