[QUIC] Switching off cryptography

741 views
Skip to first unread message

Wesley Davison

unread,
Apr 2, 2014, 2:37:35 PM4/2/14
to chromi...@chromium.org
After diving into the code of the QUIC protocol, I have some straightforward questions:
  1. is it possible to easily switch off the cryptography used by QUIC?
  2. if so, is there some way to do this and keep the handshake phase (when the keys are exchanged) ?
More specifically, I analyzed the QUIC code and the documentation available.  As far as I could see, the QUIC is hardly linked with the concept of encrypted connection.

Does someone have worked on it and could suggest something?


David Michael

unread,
Apr 2, 2014, 2:54:02 PM4/2/14
to daviso...@gmail.com, Chromium-dev
On Wed, Apr 2, 2014 at 12:37 PM, Wesley Davison <daviso...@gmail.com> wrote:
After diving into the code of the QUIC protocol, I have some straightforward questions:
  1. is it possible to easily switch off the cryptography used by QUIC?
  2. if so, is there some way to do this and keep the handshake phase (when the keys are exchanged) ?
I know nothing about QUIC, but it looks like there's a "NullDecryptor" and a "NullEncryptor" that don't actually encrypt the data. There's probably a way to configure a local build of Chromium to use it:

I'm guessing this would only really be useful for development, e.g. to help with testing.
 
More specifically, I analyzed the QUIC code and the documentation available.  As far as I could see, the QUIC is hardly linked with the concept of encrypted connection.

Does someone have worked on it and could suggest something?


--
--
Chromium Developers mailing list: chromi...@chromium.org
View archives, change email options, or unsubscribe:
http://groups.google.com/a/chromium.org/group/chromium-dev

Ryan Hamilton

unread,
Apr 2, 2014, 3:53:14 PM4/2/14
to dmic...@chromium.org, daviso...@gmail.com, Chromium-dev
Sorry. No, by design there is no way to disable the cryptography in QUIC.

Jim Roskind

unread,
Apr 11, 2014, 2:48:35 PM4/11/14
to Ryan Hamilton, dmic...@chromium.org, daviso...@gmail.com, Chromium-dev
+1 +1 +1 ...

There are giant problems with "helpful" middle boxes if we don't use crypto.  We decided long ago not to go there.

Wesley Davison

unread,
Apr 11, 2014, 3:00:37 PM4/11/14
to Jim Roskind, Ryan Hamilton, dmic...@chromium.org, Chromium-dev
First of all, thank you for your quick reply! :D

Forgetting the unhappy joke and answering the questions, my first idea was to implement a client that could choose whether or not use the available credential received from the server. The problem is that, if I disable the encryption at the client side, after the SHLO, the server enters in a kind of "encrypted only" mode and does not accept packets without encryption. But, no problem:  I will dive into the QUIC Crypto document that Raman sent and I will find a solution for this problem.

Best Regards, 

Davison
Reply all
Reply to author
Forward
0 new messages