Microsoft Bringing SMB Over QUIC to Windows
Microsoft is working on Server Message Block (SMB) over QUIC technology for use with "Windows, Windows Server, and Azure Files," according to a Monday announcement.
SMB over QUIC can serve as a virtual private network (VPN) alternative for securing mobile device connections. It can also optionally replace the "TCP/IP and RDMA" (Remote Direct Memory Access) protocols, explained Ned Pyle, a principal program manager in the Windows Server engineering group. QUIC is seen as being a more secure protocol than TCP.
"Unlike TCP, QUIC is always encrypted and requires TLS 1.3 [Transport Layer Security 1.3] with certificate authentication of the tunnel," Pyle added.
With SMB over QUIC, Microsoft is replacing only the transport protocol.
"All SMB authentication still happens normally within the TLS tunnel (as if it was a VPN) so SMB is not relying on cert-based identity or auth -- it will still use NTLM or Kerberos (with KDC proxy)," Pyle explained in the comments section of Microsoft's announcement. "This model is just swapping out the transport, SMB is unchanged."
The idea behind SMB over QUIC is to prevent spoofing and man-in-the-middle attacks, including "NTLM [Windows NT LAN Manager] challenges," Pyle indicated. He also explained that the user experience won't change. TCP and RDMA are still used, but QUIC is also used as a transport, and the end result is "seamless to the end user and their apps."
Pyle said that "QUIC's already in use in Windows 10 through the Edge browser and other apps," but the arrival time for SMB over QUIC isn't yet known. He showed a demo of it, though, in the announcement.
QUIC, which stands for "Quick UDP Internet Connections," was developed by Google, which has its own "gQUIC" version that's currently used in Google Chrome Web browsers, according to Wikipedia's description.
The Internet Engineering Task Force (IETF) currently maintains a draft of QUIC, but "QUIC" is considered to be the name of the protocol and not an acronym, according to the IETF. Wikipedia further explained that the IETF is planning to name "the HTTP mapping over QUIC 'HTTP/3' in advance of making it a worldwide standard."
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.