
Author: Zhao Yong

QUIC is pronounced like "quick", and it really is fast. It addresses the needs that applications have at the transport and application layers, including handling more connections, security, and low latency.

In the Internet field today, QUIC is leading a new generation of transport protocols. For developers, understanding QUIC helps improve the experience of delay-sensitive applications such as audio and video, shopping, payment and similar scenarios.

1 QUIC has two major advantages

* 0RTT, establish low-latency transmission

Traditional TLS needs a two-level handshake before user data can be transmitted. The first level is the TCP three-way handshake, which costs at least one round trip; the second level is the TLS handshake itself, in which ClientHello, ServerHello and several further handshake packets are negotiated before user data transmission can begin.

Although TLS 1.3 optimizes the TLS handshake phase and allows data to be sent together with the first ClientHello packet, the TCP handshake still cannot be eliminated. QUIC abandons TCP and uses UDP as its underlying transport, which removes the delay caused by the TCP three-way handshake and achieves a true 0RTT. This advantage is very attractive to delay-sensitive applications, and it is also a motivation for video applications to switch to QUIC.

* Encrypted transmission

Most Internet companies attach great importance to user security and privacy and keep pushing for encrypted data transmission. This work requires the support of two protocols: HTTP and DNS.

(1) HTTP has been upgraded from version 1.1 to 2.0 and then to 3.0. These upgrades do not themselves add encryption; they only improve latency. The TLS protocol that accompanies HTTP, however, encrypts the whole session. The upgrade from TLS 1.2 to TLS 1.3 not only strengthened the encryption but also encrypted most of the handshake that used to be sent in plaintext, and the TLS protocol plans to encrypt all parts of the handshake in the future.

(2) DNS is closely tied to HTTP: the domain name that HTTP is about to contact is unavoidably leaked through DNS. Therefore DNS is generally encrypted at the same time.

The current mainstream solution uses TLS for encryption, but QUIC has encryption capabilities similar to TLS with better performance. This has broken TLS's monopoly on encryption and made QUIC its biggest competitor.

2 Usage of QUIC

Many years ago, Google and Meta (formerly Facebook) studied the QUIC protocol separately; Facebook even implemented a TCP version of QUIC. Their research later split into two camps, Google's gQUIC and IETF QUIC. In the end they reached agreement and all joined the IETF QUIC camp, which is the prototype of QUIC today.

As the main promoters, Google's and Facebook's apps have used QUIC extensively for communication. So what progress have they and the other major Internet vendors made on QUIC?

  • Google: On Android, the widely used mobile operating system, the built-in WebView component supports QUIC by default, as do Chrome and the browsers derived from it. Apps that are closely connected to users' daily lives, such as YouTube, Gmail, Google Maps and Google Play, default to QUIC transmission wherever it is supported.
  • Facebook: Facebook, Messenger, Instagram, WhatsApp and other well-known apps use QUIC strategies similar to Google's.
  • Apple: Apple's QUIC strategy is less aggressive, but it is preparing for QUIC as a future trend, including bringing a DoH server that supports QUIC online. In addition, Apple uses QUIC as the proxy transport protocol in the latest iCloud+ Private Relay.
  • Cloudflare: As a CDN vendor, Cloudflare has been vigorously promoting QUIC, covering a large amount of traffic between Chrome and small websites so that this traffic uses QUIC by default.
  • Snapchat: Following in Google's footsteps, this popular chat app also uses QUIC extensively.
  • Chinese Internet vendors: Kuaishou and Sohu Video mainly use QUIC to transmit video and are currently the fastest movers in China. WeChat, Taobao, iQiyi, Douyin and Baidu have already enabled QUIC for certain traffic or in certain latency scenarios. Using QUIC has gradually become the trend among Chinese Internet vendors.

3 QUIC protocol format

After a long period of evolution and research by two camps, the QUIC protocol has many branches and variants. Here we omit the earlier changes and focus on the current situation, in which QUIC has two major branch versions.

  • gQUIC, created by Google and widely used. Only the ClientHello and Rejection packets can be seen in the QUIC payload; all other packets are encrypted and cannot be read without the key. So let us first introduce the exposed content. The following figure shows the ClientHello packet structure of gQUIC, and IETF QUIC as displayed in Wireshark. Because the two branches are merging, they are basically the same in this part, including the packet header, CRYPTO and PADDING. The header carries some basic information, the important fields being the version number and the Connection ID.

CRYPTO contains the specific handshake parameters and is the biggest difference between gQUIC and IETF QUIC, but its function is similar in both: it carries the information the handshake needs, such as the domain name and the encryption parameters. The following picture shows the gQUIC format, which Google defined itself:

In IETF QUIC, CRYPTO carries a TLS ClientHello, essentially copying the TLS format directly. The following figure shows the CRYPTO format of IETF QUIC. In terms of the externally visible format, this is the biggest difference between the two QUIC branches:

This covers about 90% of the format that can be seen from outside; the remaining parts are shown more clearly in Wireshark. In addition, the latest versions of QUIC (both branches) use an Encrypted ClientHello mechanism: the ClientHello described above appears "encrypted" in the traffic. It looks like random bytes, and only the first few bytes serve to distinguish different QUIC versions. But the key for this "encryption" is hidden in the ClientHello packet itself, so the real key can be computed on the spot and the packet decrypted; that is why Wireshark can show the ClientHello content in plaintext. This kind of "encryption" resembles the obfuscation that P2P protocols used years ago. It is designed to make processing harder for DPI equipment and ultimately costs CPU power; if the CPU power is insufficient, the plaintext cannot be recovered.
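An added example (not code from the original article) showing the two things just described: reading the version and Connection IDs from the long header of an Initial packet, and computing the Initial keys from the Destination Connection ID alone, which is the "on the spot" derivation Wireshark performs (RFC 9001, Section 5.2). The header bytes are constructed; the DCID is the RFC 9001 Appendix A test vector, so the derived values can be checked against the published ones.

```python
import hashlib
import hmac
import struct

# Constructed sample: the first bytes of a QUIC v1 Initial packet (long header).
# The DCID is the RFC 9001 Appendix A test vector; the payload bytes are omitted.
SAMPLE_INITIAL_HEADER = bytes.fromhex(
    "c3"                      # long header, fixed bit, type Initial, 4-byte packet number
    "00000001"                # version: QUIC v1
    "08" "8394c8f03e515708"   # DCID length + Destination Connection ID
    "00"                      # SCID length 0
)
INITIAL_SALT_V1 = bytes.fromhex("38762cf7f55934b34d179ae6a4c80cadccbb7f0a")  # RFC 9001 5.2


def parse_long_header(pkt: bytes) -> dict:
    """Read the fields visible before any decryption: version, type and both CIDs."""
    first = pkt[0]
    if not first & 0x80:
        raise ValueError("short header: not a handshake packet")
    version = struct.unpack("!I", pkt[1:5])[0]
    dcid_len = pkt[5]
    dcid = pkt[6:6 + dcid_len]
    off = 6 + dcid_len
    scid = pkt[off + 1:off + 1 + pkt[off]]
    return {"version": version, "type": (first & 0x30) >> 4, "dcid": dcid, "scid": scid}


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand_label(secret: bytes, label: bytes, length: int) -> bytes:
    """TLS 1.3 HKDF-Expand-Label with an empty context, as QUIC uses it."""
    lbl = b"tls13 " + label
    info = struct.pack("!HB", length, len(lbl)) + lbl + b"\x00"
    out, block, counter = b"", b"", 1
    while len(out) < length:  # HKDF-Expand: T(i) = HMAC(secret, T(i-1) || info || i)
        block = hmac.new(secret, block + info + bytes([counter]), hashlib.sha256).digest()
        out += block
        counter += 1
    return out[:length]


def initial_keys(dcid: bytes, side: str = "client") -> dict:
    """Derive the Initial packet protection keys from the DCID alone (RFC 9001 5.2)."""
    initial_secret = hkdf_extract(INITIAL_SALT_V1, dcid)
    secret = hkdf_expand_label(initial_secret, side.encode() + b" in", 32)
    return {"secret": secret,
            "key": hkdf_expand_label(secret, b"quic key", 16),  # AEAD key (AES-128-GCM)
            "iv": hkdf_expand_label(secret, b"quic iv", 12),    # AEAD IV
            "hp": hkdf_expand_label(secret, b"quic hp", 16)}    # header protection key
```

Removing the header protection and running AES-GCM over the payload with these keys is what turns the "random bytes" back into the ClientHello; that step is left out here.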

4 QUIC interactive process

Wireshark can decrypt QUIC traffic: given the key, you can see the content as it was before encryption, and so we can also observe the QUIC interaction intuitively. In effect, QUIC takes over the role of TCP, chiefly the guarantee of reliable transmission. As the figure below shows, a large number of ACK messages are exchanged internally to confirm that data has been received, and on this basis retransmission and the other congestion-control capabilities are built.

Besides guaranteeing reliable transmission, QUIC has an internal stream mechanism. Each stream can be treated as an independent stream, so QUIC itself is one large encrypted transport tunnel. The protocol actually carried inside QUIC is generally HTTP3, which binds QUIC and HTTP3 so tightly that people often treat the two as one thing. Wireshark does not currently parse HTTP3 and shows only binary data. But HTTP3 inherits from HTTP2 and its data is compressed: a few bytes may be the compressed form of a huge request.

In summary, QUIC is a new Internet transport protocol that combines many excellent features, and it has naturally become the new favorite of major Internet vendors. In this area, Huawei has launched the HMS Core network acceleration kit, hQUIC Kit, which helps developers quickly add QUIC support to their applications, supplemented by intelligent congestion algorithms, ultimately giving users faster connection establishment, stronger resistance to packet loss and higher throughput. hQUIC is suitable for scenarios such as games, video calls, online TV/VOD and VR live broadcasting. Its service advantages include:

  • Simple and easy to use: a simple programming interface that hides the network details.
  • Compatibility: compatible with the gQUIC protocol and supports the Cronet interface.
  • Improved mobile network experience: improves the user experience in weak-network environments.

For more information about hQUIC Kit, see:
https://developer.huawei.com/consumer/cn/hms/huawei-hQUIC/?ha_source=hms1

Development Guide:
https://developer.huawei.com/consumer/cn/doc/development/system-Guides/dev-process-0000001050197790?ha_source=hms1

