[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] IPsec DH parameters, other flaws

On 11/23/2020 12:00 AM, jrzx via cryptography wrote:

While QUIC started as a Google project, it is being standardized in the
IETF. There are several independent implementations of QUIC, by Apple,
Microsoft, Mozilla, Cloudflare and many others, including mine. They are
not "married to the Google code base".
Does your implementation use OpenSSL, or Google's fork of OpenSSL?

It uses PicoTLS, a from-the-ground-up implementation of TLS 1.3 by Kazuho Ohu -- https://github.com/h2o/picotls. Picotls allows for a variety of implementation of the crypto algorithms, including libcrypto from OpenSSL, a "fusion" implementation of AES-GCM developed by Kazuho, and a "mini crypto" implementation using cifra for most crypto and micro-ecc for secp256r1.

As noted by Rich Saltz, different implementations use different implementations of TLS and different crypto libraries. Some use a forked branch of OpenSSL in which the API required by QUIC were added. The Microsoft implementation uses S-Channel or MiTLS from MSR. The Google implementation and some others use BoringSSL. Mozilla use their own library. Some implementations use rusttls. A few implementations allow developers to choose between OpenSSL, LibreSSL, etc.

Where is your implementation?


The list of implementations is at https://github.com/quicwg/base-drafts/wiki/Implementations.

The results of the automated interop testing set by Marten Seeman are at https://interop.seemann.io/. The results from manual interop testing conducted periodically are at https://docs.google.com/spreadsheets/d/1D0tW89vOoaScs3IY9RGC0UesWGAwE6xyLk0l4JtvTVg/edit#gid=1991873121. That spreadsheet includes tabs for the interop that have been going on since 2017. Interop testing was one of the basic tools of protocol development.

-- Christian Huitema

The cryptography mailing list
cryptography AT metzdowd.com