QUIC, HTTP/3 and Proxies: a complicated love triangle
Thesis type SPERIMENTAL
Description Web protocols are constantly evolving, and the recently standardized HTTP/3 and QUIC promise improvements in performance and security. Many network scenarios require the use of so-called HTTP proxies, middleboxes that act as intermediaries for Web traffic. They have a number of functionalities, especially in the enterprise context where security requires special attention. HTTP proxies can filter websites and allow workstations to communicate with the Internet when they need to work in an isolated environment for security reasons. The operation of proxies is challenged by the new web protocols as they implement end-to-end encryption with various implications. Traffic through an HTTP/3 proxy would go through two nested layers of encryption and congestion control, which is known to severely impact performance.
This thesis has the goal of studying the security and performance of different configurations of HTTP proxies and servers using an experimental testing environment. It will investigate the options currently offered for operating web proxies and servers, with particular attention to recent proposals, among all the Multiplexed Application Substrate over QUIC Encryption (masque), which optimizes the QUIC transport protocol when used to contact a proxy.
Required skills Prerequisites:
- Networking: TCP, UDP, HTTP, TLS, QUIC
- System Programming: Bash, Linux Networking Stack
Notes Non-exhaustive list of useful tools:
- BrowerTime (web automation), WebPageReplay (website simulation), Squid (HTTP proxy),nginx (web server)
Deadline 03/11/2023 PROPONI LA TUA CANDIDATURA