Verifying QUIC implementations using Ivy
By: Christophe Crochet , Tom Rousseaux , J-F Sambon and more
Potential Business Impact:
Finds mistakes in internet connection rules.
QUIC is a new transport protocol combining the reliability and congestion control features of TCP with the security features of TLS. One of the main challenges with QUIC is to guarantee that any of its implementation follows the IETF specification. This challenge is particularly appealing as the specification is written in textual language, and hence may contain ambiguities. In a recent work, McMillan and Zuck proposed a formal representation of part of draft-18 of the IETF specification. They also showed that this representation made it possible to efficiently generate tests to stress four implementations of QUIC. Our first contribution is to complete and extend the formal representation from draft-18 to draft-29. Our second contribution is to test seven implementations of both QUIC client and server. Our last contribution is to show that our tool can highlight ambiguities in the QUIC specification, for which we suggest paths to corrections
Similar Papers
Implementation and Performance Evaluation of TCP over QUIC Tunnels
Networking and Internet Architecture
Makes old internet faster on bad connections.
Demystifying QUIC from the Specifications
Networking and Internet Architecture
Makes internet faster and safer for everyone.
QUIC-Fuzz: An Effective Greybox Fuzzer For The QUIC Protocol
Cryptography and Security
Finds hidden bugs in internet connections.