Proceedings 2021 Network and Distributed System Security Symposium 2021
DOI: 10.14722/ndss.2021.24074
|View full text |Cite
|
Sign up to set email alerts
|

QPEP: An Actionable Approach to Secure and Performant Broadband From Geostationary Orbit

Abstract: Satellite broadband services are critical infrastructures, bringing connectivity to the most remote regions of the globe. However, due to performance concerns, many geostationary satellite broadband services are unencrypted and vulnerable to long-range eavesdropping attacks. This paper delves into the underlying cause of these issues, presenting the case that the widespread use of Performance Enhancing Proxies (PEPs) for TCP optimization has created a security/performance trade-off. A review of previous mitiga… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

1
11
0

Year Published

2021
2021
2024
2024

Publication Types

Select...
3
3

Relationship

0
6

Authors

Journals

citations
Cited by 12 publications
(12 citation statements)
references
References 22 publications
1
11
0
Order By: Relevance
“…In order to determine a typical one-way delay for LEO orbits, we perform ∼600k RTT measurements from a vantage point in Central Europe over a period of one week using Starlink [1], where we find a median first hop RTT of ∼32ms (mean ∼33ms). While we acknowledge that the first hop RTT in LEO constellations changes due to the movement of the satellites, we observe relatively constant RTTs for at least 30 consecutive seconds, which is in line with the observations of Kassing et al [25] and Pavur et al [14]. As our measurements do not exceed a duration of 20s, we set the SATCOM LEO one-way delay to a static value of 16ms (1/2 RTT).…”
Section: Discussionsupporting
confidence: 89%
See 2 more Smart Citations
“…In order to determine a typical one-way delay for LEO orbits, we perform ∼600k RTT measurements from a vantage point in Central Europe over a period of one week using Starlink [1], where we find a median first hop RTT of ∼32ms (mean ∼33ms). While we acknowledge that the first hop RTT in LEO constellations changes due to the movement of the satellites, we observe relatively constant RTTs for at least 30 consecutive seconds, which is in line with the observations of Kassing et al [25] and Pavur et al [14]. As our measurements do not exceed a duration of 20s, we set the SATCOM LEO one-way delay to a static value of 16ms (1/2 RTT).…”
Section: Discussionsupporting
confidence: 89%
“…Lastly, the attenuation is configured with 0dB, i.e., no signal damping, and the packet loss rate is chosen from 0, 0.01, 0.1, and 1%. While the transport layer loss is considered to range from nearly 0% (where almost all errors are corrected by the link-layer) up to 0.01% in real world satellite conditions [14], we include 0.1 and 1% loss conditions in order to evaluate edge cases.…”
Section: Discussionmentioning
confidence: 99%
See 1 more Smart Citation
“…Pavur et al [22] design and implement QPEP, an opensource PEP/VPN hybrid based on the QUIC standard that has the potential to encrypt all traffic over a satellite link. Their experiments show QPEP provides up to 72% faster page load times compared to traditional VPN encryption.…”
Section: A Performance Enhancing Proxiesmentioning
confidence: 99%
“…For the regular bubble, it would be possible to rely on transport/application layer security measures listed in Table V, but this still leaves open security threats that may be unacceptable to MC users. An alternative approach based on the QUIC protocol and specifically designed for the GEO satellite links, QPEP, has been proposed recently [146]. However, more work is needed, to verify its compatibility with the MC services and requirements.…”
Section: Approachmentioning
confidence: 99%