Reputation: 63
In general, the first time I heard about it, I was very happy that ClientHello TLS messages will be fully encrypted inside the QUIC protocol, since this is a big leap forward in privacy, and that there is no need for ESNI. But yesterday I saw this article (Title: Parsing QUIC Client Hellos) on the Chromium project, which is written about parsing ClientHellos. Either I misunderstood something, or they mean decrypting ClientHellos already on the server side and not by a person in the middle. There's a draft reference about an encryption standard, but as far as I understand it still depends on DNS. Can you correct me? Thanks.
Upvotes: 0
Views: 2190
Reputation: 498
ClientHello messages are encrypted in QUIC, but the keys are published in the QUIC specification and so the Initial packets are easily decrypted.
Upvotes: 3