Abstract:
QUIC is a new general-purpose transport protocol intended to supersede the defacto default internet protocol stack. It was designed to combine features of the Transmission Control Protocol (TCP), Transport Layer Security (TLS), and Hypertext Transfer Protocol (HTTP) into one protocol while improving upon them in key areas like performance and security. Version 1 of the QUIC protocol was standardized by the IETF in 2021. Since then the protocol is gaining more and more support from various big tech companies implementing the protocol for their servers. The protocol’s increasing prevalence on the web and its promise to improve security prompt the need for ways to perform security-focused analyses of the QUIC ecosystem. To this end, we propose and implement the QUIC-Scanner, an evolution of the opensource TLS scanning tool TLS-Scanner. The QUIC-Scanner can perform active tests against QUIC-enabled endpoints to analyze various QUIC-specific capabilities and configuration properties. Furthermore, with this thesis, we present the results of a large-scale scan of the 100k most popular websites utilizing the QUIC-Scanner. To the best of our knowledge, we provide the first large-scale scan of QUIC endpoints on the internet that includes tests for QUIC features like connection migration and address validation. Our scan identified a total of 13.3k QUIC-enabled endpoints among the 100k targets. We found that almost none of the targets perform QUIC’s address validation mechanism and only a small number of servers support QUIC’s connection migration capability.