IIJ Research Laboratory

Member： Kazu YAMAMOTO

Background: It is desired to verify the correctness of the new network protocols which the IETF is actively standardizing.
Purpose: Contribute to protocol standardization by implementing the latest protocols and verifying interoperability.

Summary

We implement various network protocols with the Haskell programming language and verify their interoperability.

Position paper: Network Protocol Programming in Haskell, ACM SIGCOMM 2017 The Third Workshop on Networking and Programming Languages (NetPL 2017)
Software: network, warp, tls, http2, http2-tls, quic, http3
Encrypted ClientHelloの仕組み, IIJ Enginners Blog, 2025.
QUICをゆっくり解説, IIJ Engineers Blog, 2021〜2022.
Implementing QUIC in Haskell, Internet Infrastructure Review（IIR）Vol.52, 2021.
TLS 1.3の標準化と実装, IIJ Engineers Blog, 2018.
TLS Trends, Internet Infrastructure Review（IIR）Vol.31, 2016.
Exploring HTTP/2 Header Compression, Kazuhiko Yamamoto, Tatsuhiro Tsujikawa and Kazuho Oku. In Proceedings of CFI 2017, the 12th Internatinal Conference on Future Internet Technologies.
Experience Report: Developing High Performance HTTP/2 Server in Haskell, Kazuhiko Yamamoto. In Proceedings of Haskell Symposium 2016.
Mio: A High-Performance Multicore IO Manager for GHC, Andreas Voellmy, Junchang Wang, Paul Hudak and Kazuhiko Yamamoto. In Proceedings of Haskell Symposium 2013.

Let’s Encrypt: Implemented automatic certificate renewal functionality for the Mighty web server.
Controllable recv: To implement an event-pull model, we devised a controllable recv abstraction and integrated it into the dnsext library. We also concluded that for code where the overhead of implementing the controllable recv abstraction is high, using an STM queue is a simpler alternative.
Released Mew v6.10, which supports XOAUTH2. Subsequently, we added support for Emacs 31.

quic library: Fixed bugs discovered while using it as a transport layer for DNS, improving stability. Enabled clients to detect changes in network links and paths, allowing for seamless migration.
http3 library: Improved the QPACK encoder to utilize dynamic tables. Achieved compression ratios comparable to other implementations that offer the highest compression rates.

Regression testing for the tls library was implemented using tlsfuzzer
Record size limit extension and certificate compression extension were implemented in the tls library
ECH (Encrypted ClientHello) was implemented in the tls library, and the specifications were verified by testing interoperability with other implementations
Stateless reset was reimplemented in the quic library, and multiple TLS tickets were made compatible
Blog articles

Synchronized threading model: Reduced use of asynchronous exceptions in the network and http2 libraries, and made the code clearer by using synchronization
Thread Monitor: Implemented a thread monitor in the HTTP server and removed thread leaks in dependent libraries that were caused by asynchronous exceptions
tls library: Improved corner cases with tlsfuzzer tests and automated tests to enable regression testing
Blog article：Myth and truth in Haskell asynchronous exceptions

New server architecture for http2: Solved the problem of using a lot of lightweight threads when streaming and simplified the code. Also wrote a blog post about it.
New server architecture for quic: Changed from connected sockets to wildcard sockets, making it possible to communicate even with NATs that frequently change ports. Also wrote a blog post about it.

Stabilization of network libraries: unified the functions of the debugging tools implemented in the tls/http2/http2-tls/quic/http3 libraries to enable comprehensive testing. did. Several bugs newly discovered during this test and bugs discovered during application to DNS were removed
Support for multiple TLS tickets: stabilized session resumption by supporting for TLS servers that send multiple tickets. 0-RTT bugs discovered during this work have been fixed

0-RTT in the tls library: Made the handshake implementation asynchronous, allowing the client side to dynamically determine the 0-RTT data to send. Verified the practicality of using 0-RTT with DNS over TLS
Stabilization of quic library: Addressed New Connection ID flood attack. Verified the practicality of using 0-RTT with DNS over QUIC

tls library: Thoroughly refactored, removed TLS 1.0/1.1, removed CBC cipher suites, refined tests, implemented channel bindings
tls-session-manager library: Implemented session ticket method
network-control library: Extracted the common parts of flow control and released it as a library.
quic library: Revamped flow control mechanism. Addressed Path Challenge flood attack.
http2 library: Addressed HTTP/2 rapid reset attack. A mechanism has been incorporated to efficiently handle DNS pipelines. New flow control mechanism

Stabilized quic library
Released http2-tls library which combines http2 library and tls library for easy usage.

Stabilized http2 library
Since the cryptographic library (cryptonite) is no longer maintained, the fork was named crypton and each library was migrated to crypton.