CYPHONIC-over-QUIC: Secure End-to-End Communication Architecture Traversing Firewalls/NATs

Abstract

CYber PHysical overlay network over Internet Communication (CYPHONIC) has been proposed as a communication architecture that simultaneously achieves communication connectivity and mobility transparency in a mixed IPv4/IPv6 environment. Using CYPHONIC, applications running on mobile devices and IoT devices can realize end-to-end encrypted communication across an overlay network. However, if firewalls installed on the communication path between end nodes do not allow the CYPHONIC protocol, the overlay network cannot be constructed. This paper proposes CYPHONIC-over-QUIC, which integrates QUIC, a standardized general-purpose transport protocol designed for web communications, into CYPHONIC to provide end-to-end encrypted communications that can pass through firewalls and NATs. We implemented CYPHONIC-over-QUIC on two Raspberry Pi 4s and Linux servers running on AWS EC2, and evaluated its communication performance using the actual Internet environment. As a result, we confirmed that the signaling process at the start of communication does not affect the application communication and that the throughput performance is equivalent to that of the conventional CYPHONIC.