10

Recently, I notice that while using Google search, I am connecting to Google's server using UDP instead of TCP on both port 80 and port 443. It seems that Google is experimenting with some new technology related to SPDY QUIC or HTTP/2.0.

Since UDP is a connectionless protocol, it can be spoofed easily. Does this not make HTTPS over UDP insecure?

Question Overflow
  • 5,220
  • 6
  • 27
  • 48
  • Yes, [it's QUIC](http://www.chromium.org/quic), and relies on the transport being connectionless for some of its features. – user1686 Dec 15 '14 at 08:49

1 Answers1

13

HTTPS over UDP is secure. This is because the security of HTTPS doesn't use any of the properties of TCP except that it is a transport layer. Just like UDP, TCP is easy to spoof and manipulate. TCP is only to make things more reliable, not more secure. With UDP, packets can be doubled, missed or sent in the wrong order. TLS is a means to fix these issues. TLS works on UDP instead of TCP. But then those issues would make the encryption more likely to break on one side, and the connection would fail.

If you start to add error correction and other features to higher protocols like TLS, you basically re-build TCP, which is bad as then you have to maintain (and build) your own TCP stack with all the problems this introduces.

The UDP connections you are observing are most likely not SPDY, as SPDY uses TCP for transport.

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424
user10008
  • 4,315
  • 21
  • 33
  • 3
    note: TLS over UDP is 'well defined' as DTLS (datagram TLS). I have submitted an edit to include this in your comment, and to change what looked like a couple typos saying TLS instead of TCP when comparing transport protocols to UDP. Please correct (if edit is accepted) if I mistakenly changed your intent. – atk Dec 14 '14 at 05:49
  • Thanks. Can I say that reliability of a connection does not affect its security at all? – Question Overflow Dec 14 '14 at 12:23
  • 1
    @QuestionOverflow technically, reliability is related to security. For example, if the server is not reliably accessible, then it's DOS. However, UDP turns out to be surprisingly reliable and the impact upon reliability is likely to be so small that it is acceptable, – atk Dec 14 '14 at 13:24
  • 3
    What if [re-building TCP](http://www.chromium.org/quic) is the explicit intention? – user1686 Dec 15 '14 at 08:51
  • But what if only very small data transfer is needed? In this case, an udp packet interchange could be much more efficient, especially if there is no security concern or it is protected with tls. – peterh Dec 15 '14 at 18:35
  • @atk, What do you mean by "UDP is surprisingly reliable"? – Pacerier Dec 26 '16 at 23:05
  • @Pacerier While UDP specifically does not guarantee that datagrams will all make it to their destination, or arrive in order, in practice UDP tends to reflect the reliability of the underlying network. Since many networks (especially local networks) exhibit high reliability, UDP tends to exhibit that same high reliability. I've heard networking experts claim that UDP can be somreliable that we probably only need TCP for special cases. – atk Dec 27 '16 at 04:52
  • `Just like UDP, TCP is easy to spoof and manipulate.` This isn't true at all. TCP _cannot_ be spoofed, you need to MITM a connection to modify anything. Spoofing it requires TCP hijacking attacks and predicting sequence numbers, which is really quite difficult. As for UDP being "highly reliable", the issue isn't always that packets will be lost or sent out of order. The issue is often that traffic is sent too fast (especially over a local network, which you claim is the most reliable), and it will start dropping datagrams. – forest Dec 12 '17 at 14:39
  • SDP does not use TCP, because SDP is a format, not a communications protocol. SDP can be used over any medium, like WebSockets, http, or carrier pigeons with sticky note. – Ben Butterworth Sep 03 '20 at 08:39