QUIC Fingerprints

We have started to collect anonymized QUIC Client Initial (and previously TLS Client Hello) messages from the University of Colorado Boulder campus network to measure the popularity of various implementations actually used in practice.

This page demonstrates our preliminary work in collecting and analyzing QUIC fingerprints

QUIC fingerprints

QUIC uses TLS 1.3 for its handshake. Like TLS itself, QUIC's handshake has identifiable features that could form a unique fingerprint, allowing a network adversary to tell what implementation is involved in a QUIC connection.

Some features in the first packet sent by the client (Client Initial) that could be used to fingerprint QUIC clients:

• Client Hello - The Client Initial packet contains a standard TLS 1.3 Client Hello message, encrypted with "default" key. All of the features used in TLS fingerprinting can be used to fingerprint QUIC clients as well.
• SID/DID length The QUIC header contains a variable-length connection ID for both the source and destination. Each of these IDs are generally chosen randomly, but may be any length between 0 and 20 bytes. The length chosen is an implementation-specific value.
• QUIC version most clients currently send version 1.
• Frame types The Client Initial message contains at least one CRYPTO frame (containing the encrypted Client Hello message), and likely at least one PADDING frame (the total length must be at least 1200 bytes). The Initial packet may also contain ACK, PING, and CONNECTION_CLOSE frames. The order of these frames, and also how they are interleaved or fragmented is up to the implementation.
• Token length The client may send a token from a previous message, and its length could be server-implementation dependent.
• Packet number The QUIC specifications do not require that the Client Initial packet starts with 0. In addition, because this is a variable-length integer, there are multiple valid ways to encode the same number. Implementations may choose to start at different values (e.g. 1 or random).
• QUIC transport parameters Inside the Client Hello, one of the extensions that must be included details QUIC-specific transport parameters. Currently, there are a few dozen defined. Many of these values pertain to flow control parameters that may be implementation-specific.