Implementing new network protocols

Member: Kazu YAMAMOTO


  1. Background: The correctness of the new network protocols that the IETF is actively standardizing needs to be verified.
  2. Purpose: Contribute to protocol standardization by implementing the latest protocols and verifying interoperability.

Summary

We implement various network protocols with the Haskell programming language and verify their interoperability.

Results

Progress

Progress in 2024FY4Q

Progress in 2024FY3Q

  • Synchronized threading model: Reduced use of asynchronous exceptions in the network and http2 libraries, and made the code clearer by using synchronization
  • Thread Monitor: Implemented a thread monitor in the HTTP server and removed thread leaks in dependent libraries that were caused by asynchronous exceptions
  • tls library: Improved corner cases with tlsfuzzer tests and automated tests to enable regression testing
  • Blog article: Myth and truth in Haskell asynchronous exceptions

Progress in 2024FY2Q

  • New server architecture for http2: Solved the problem of using a lot of lightweight threads when streaming and simplified the code. Also wrote a blog post about it.
  • New server architecture for quic: Changed from connected sockets to wildcard sockets, making it possible to communicate even with NATs that frequently change ports. Also wrote a blog post about it.

Progress in 2024FY1Q

  • Stabilization of network libraries: Unified the functions of the debugging tools implemented in the tls/http2/http2-tls/quic/http3 libraries to enable comprehensive testing. Several bugs newly discovered during this test, and bugs discovered during application to DNS, were removed.
  • Support for multiple TLS tickets: Stabilized session resumption by supporting TLS servers that send multiple tickets. 0-RTT bugs discovered during this work have been fixed.

Progress in 2023FY4Q

  • 0-RTT in the tls library: Made the handshake implementation asynchronous, allowing the client side to dynamically determine the 0-RTT data to send. Verified the practicality of using 0-RTT with DNS over TLS
  • Stabilization of quic library: Addressed New Connection ID flood attack. Verified the practicality of using 0-RTT with DNS over QUIC

Progress in 2023FY3Q

  • tls library: Thoroughly refactored, removed TLS 1.0/1.1, removed CBC cipher suites, refined tests, implemented channel bindings
  • tls-session-manager library: Implemented session ticket method
  • network-control library: Extracted the common parts of flow control and released it as a library.
  • quic library: Revamped flow control mechanism. Addressed Path Challenge flood attack.
  • http2 library: Addressed HTTP/2 rapid reset attack. Incorporated a mechanism to efficiently handle DNS pipelines. Introduced a new flow control mechanism.

Progress in 2023FY2Q

  • Stabilized quic library
  • Released http2-tls library which combines http2 library and tls library for easy usage.

Progress in 2023FY1Q

  • Stabilized http2 library
  • Since the cryptographic library (cryptonite) is no longer maintained, it was forked under the name crypton and each library was migrated to crypton.
