Secure Address Allocation Mechanism in QUIC-based Protocols

The emerging QUIC protocol provides efficient migration of IP addresses in a device without breaking the existing connection. This mechanism has been exploited in MIMIQ to provide user privacy and obstruct traffic analysis attacks. The frequent change of a device’s IP address thwarts traffic analysis attacks, and hinders the derivation of user behavioral patterns. This protocol can be useful for ISPs to provide privacy-preserving telecom services. In the original paper of MIMIQ, the authors demonstrate a proof-of-concept (POC) implementation on a single switch. This is a simplified example that is not scalable for real-world applications. In this project, we aim to implement MIMIQ on a user application. To make it easier to adapt, we implement it as a plug-in service on popular QUIC implementations. In the original POC, the address allocation scheme was naive and detailed analysis can reveal the user identity. In this article, we study the security properties of MIMIQ and propose an efficient, secure, and scalable address allocation mechanism.