QUIC Fingerprints

We have started to collect anonymized QUIC Client Initial (and previously TLS Client Hello) messages from the University of Colorado Boulder campus network to measure the popularity of various implementations actually used in practice.

This page demonstrates our preliminary work in collecting and analyzing QUIC fingerprints

QUIC fingerprints

QUIC uses TLS 1.3 for its handshake. Like TLS itself, QUIC's handshake has identifiable features that could form a unique fingerprint, allowing a network adversary to tell what implementation is involved in a QUIC connection.

Some features in the first packet sent by the client (Client Initial) that could be used to fingerprint QUIC clients: