Question about encryption #1724

Closed
neobsv opened this issue Feb 21, 2024 · 4 comments

neobsv commented Feb 21, 2024

Was wondering if each packet being sent is encrypted or is it just the handshake which is encrypted? Pardon me for my lack of understanding, just a newbie. Thanks

Contributor

LPardue commented Apr 4, 2024

Your best bet for information about the QUIC protocol is the RFCs or other technical writing around that topic. I'd start with https://datatracker.ietf.org/doc/html/rfc9000#name-protected-packets, which will provide your answers (TL;DR all packets have some form of protection).

Since this isn't a question about the quiche project itself, I'm closing the issue. But feel free to post questions about QUIC to the community - https://github.com/quicwg/base-drafts/blob/main/CONTRIBUTING.md#engaging-with-the-quic-community
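The per-packet-type protection summarised in the RFC 9000 section linked above, as an added example that is not part of the original thread or of the quiche code base. The function names and the sample bytes are constructed for illustration and assume QUIC version 1:

```python
import struct

# Protection per packet type, summarised from RFC 9000 section 12.1.
PROTECTION = {
    "Version Negotiation": "no cryptographic protection",
    "Retry": "AEAD tag only, guards against accidental modification",
    "Initial": "AEAD, keys derived from a value visible on the wire",
    "Handshake": "AEAD, keys from the cryptographic handshake",
    "0-RTT": "AEAD, keys from the cryptographic handshake",
    "1-RTT": "AEAD, keys from the cryptographic handshake",
}

# Long-header type codes for QUIC version 1 (RFC 9000 section 17.2).
LONG_TYPES_V1 = {0: "Initial", 1: "0-RTT", 2: "Handshake", 3: "Retry"}


def classify(datagram: bytes) -> str:
    """Name the first QUIC packet in a UDP payload from its unprotected header bits.

    Only the first packet is examined; coalesced packets are not walked.
    """
    if not datagram:
        raise ValueError("empty datagram")
    first = datagram[0]
    if first & 0x80 == 0:
        # Short header carries no version field; version 1 is assumed here.
        if first & 0x40 == 0:
            raise ValueError("Fixed Bit clear: not a valid QUIC v1 packet")
        return "1-RTT"
    if len(datagram) < 5:
        raise ValueError("truncated long header")
    (version,) = struct.unpack("!I", datagram[1:5])
    if version == 0:
        return "Version Negotiation"
    if version != 1:
        raise ValueError("only QUIC v1 type codes are handled")
    if first & 0x40 == 0:
        raise ValueError("Fixed Bit clear: not a valid QUIC v1 packet")
    return LONG_TYPES_V1[(first >> 4) & 0x03]


def protection_for(datagram: bytes) -> str:
    return PROTECTION[classify(datagram)]


# Constructed sample headers (not captured traffic); bodies are zero padding.
SAMPLES = [bytes.fromhex(h) + bytes(8) for h in
           ("c300000001", "d000000001", "e000000001", "f000000001", "8000000000", "40")]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(f"{classify(pkt):20s} {protection_for(pkt)}")
```
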

LPardue closed this as completed Apr 4, 2024
Author

neobsv commented Apr 4, 2024

Hey Lucas, thank you for the resources, I will study them

@Leichesters

I can confirm that learning about those protocols in detail will help you understand everything much better.

For example, if you want to use http/3.0, you will use encryption by default. Cloudflare has written a blog about this too: https://www.cloudflare.com/learning/performance/what-is-http3/

Keep in mind though, just using some sort of encryption doesn't necessarily mean you are secure. ROT13 for example is an "encryption" algorithm that works by shifting all characters and has been used in production for emails. However, it's trivially easy to break as you can literally brute force it very quickly by hand by just shifting everything.

AES, the most widely used encryption algorithm, uses fixed S-boxes (nonlinear function), which means there is an inverse S-box that allows this person to... well... read everything :) Knowing this inverse S-box is pretty much half of the key, so this isn't very secure. Therefore I'd strongly suggest you also study different encryption algorithms that use a key-dependent S-box rather than a static one. Take examples from Blowfish, Serpent, Twofish, etc.

This is just the tip of the iceberg but should help you get started :)

Author

neobsv commented Jun 14, 2024

Yep, yep, I've learned about the internals of AES in university too, it's not safe to discuss here plus I'm also really busy with some other work, feel free to reach out to me on Telegram @onebsv, thanks
