English
Related papers

Related papers: PDoT: Private DNS-over-TLS with TEE Support

200 papers

Confidential services running in hardware-protected Trusted Execution Environments (TEEs) can provide higher security assurance, but this requires custom clients and protocols to distribute, update, and verify their attestation evidence.…

Cryptography and Security · Computer Science 2025-03-20 Antoine Delignat-Lavaud , Cédric Fournet , Kapil Vaswani , Manuel Costa , Sylvan Clebsch , Christoph M. Wintersteiger

There has been a growing interest in Internet user privacy, demonstrated by the popularity of privacy-preserving products such as Telegram and Brave, and the widespread adoption of HTTPS. The Domain Name System (DNS) is a key component of…

Networking and Internet Architecture · Computer Science 2025-07-29 Yunming Xiao , Peizhi Liu , Ruijie Yu , Chenkai Weng , Matteo Varvello , Aleksandar Kuzmanovic

Emerging protocols such as DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) improve the privacy of DNS queries and responses. While this trend towards encryption is positive, deployment of these protocols has in some cases resulted in further…

Networking and Internet Architecture · Computer Science 2021-09-23 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

The absence of security and privacy measures between DNS recursive resolvers and authoritative nameservers has been exploited by both on-path and off-path attackers. Although numerous security proposals have been introduced in practice and…

Cryptography and Security · Computer Science 2025-06-27 Ali Sadeghi Jahromi , AbdelRahman Abdou , Paul C. van Oorschot

The Domain Name System (DNS) is the foundation of a human-usable Internet, responding to client queries for host-names with corresponding IP addresses and records. Traditional DNS is also unencrypted, and leaks user information to network…

The Domain Name System (DNS) is central to all Internet user activity, resolving accessed domain names into Internet Protocol (IP) addresses. As a result, curious DNS resolvers can learn everything about Internet users' interests. Public…

Cryptography and Security · Computer Science 2025-09-30 Philip Sjösvärd , Hongyu Jin , Panos Papadimitratos

Domain name system communication may provide sensitive information on users' Internet activity. DNS-over-TLS and DNS-over-HTTPS are proposals aiming at increasing the privacy of Internet end users. In this paper we present an overview of…

Networking and Internet Architecture · Computer Science 2022-04-11 Kamil Jerabek , Ondrej Rysavy , Ivana Burgetova

DNS is a vital component for almost every networked application. Originally it was designed as an unencrypted protocol, making user security a concern. DNS-over-HTTPS (DoH) is the latest proposal to make name resolution more secure. In this…

Networking and Internet Architecture · Computer Science 2019-09-16 Timm Boettger , Felix Cuadrado , Gianni Antichi , Eder Leao Fernandes , Gareth Tyson , Ignacio Castro , Steve Uhlig

Privacy leaks are an unfortunate and an integral part of the current Internet domain name resolution. Each DNS query generated by a user reveals -- to one or more DNS servers -- the origin and target of that query. Over time, a user's…

Cryptography and Security · Computer Science 2015-03-13 Yanbin Lu , Gene Tsudik

The Domain Name System (DNS) is both a key determinant of users' quality of experience (QoE) and privy to their tastes, preferences, and even the devices they own. Growing concern about user privacy and QoE has brought a number of…

Cryptography and Security · Computer Science 2023-02-28 Rashna Kumar , Fabián E. Bustamante

We present Private Data Objects (PDOs), a technology that enables mutually untrusted parties to run smart contracts over private data. PDOs result from the integration of a distributed ledger and Intel Secure Guard Extensions (SGX). In…

Cryptography and Security · Computer Science 2018-11-07 Mic Bowman , Andrea Miele , Michael Steiner , Bruno Vavala

The Domain Name System (DNS) serves as the backbone of the Internet, primarily translating domain names to IP addresses. Over time, various enhancements have been introduced to strengthen the integrity of DNS. Among these, DNSSEC stands out…

Cryptography and Security · Computer Science 2025-12-09 Aduma Rishith , Aditya Kulkarni , Tamal Das , Vivek Balachandran

Existing Bluetooth-based Private Contact Tracing (PCT) systems can privately detect whether people have come into direct contact with COVID-19 patients. However, we find that the existing systems lack functionality and flexibility, which…

Cryptography and Security · Computer Science 2022-01-03 Fumiyuki Kato , Yang Cao , Masatoshi Yoshikawa

Most TLS clients such as modern web browsers enforce coarse-grained TLS security configurations. They support legacy versions of the protocol that have known design weaknesses, and weak ciphersuites that provide fewer security guarantees…

Cryptography and Security · Computer Science 2018-09-18 Eman Salem Alashwali , Pawel Szalachowski

Over the last decade, Web traffic has significantly shifted towards HTTPS due to an increased awareness for privacy. However, DNS traffic is still largely unencrypted, which allows user profiles to be derived from plaintext DNS queries.…

Networking and Internet Architecture · Computer Science 2023-05-04 Mike Kosek , Luca Schumann , Robin Marx , Trinh Viet Doan , Vaibhav Bajpai

Virtually every Internet communication typically involves a Domain Name System (DNS) lookup for the destination server that the client wants to communicate with. Operators of DNS recursive resolvers---the machines that receive a client's…

Networking and Internet Architecture · Computer Science 2022-01-25 Paul Schmitt , Anne Edmundson , Nick Feamster

Virtually every connection to an Internet service is preceded by a DNS lookup which is performed without any traffic-level protection, thus enabling manipulation, redirection, surveillance, and censorship. To address these issues, large…

Cryptography and Security · Computer Science 2019-10-08 Sandra Siby , Marc Juarez , Claudia Diaz , Narseo Vallina-Rodriguez , Carmela Troncoso

Users can improve the security of remote communications by using Trusted Execution Environments (TEEs) to protect against direct introspection and tampering of sensitive data. This can even be done with applications coded in high-level…

Cryptography and Security · Computer Science 2021-02-11 Hyun Bin Lee , Tushar M. Jois , Christopher W. Fletcher , Carl A. Gunter

The DNS (Domain Name System) protocol has been in use since the early days of the Internet. Although DNS as a de facto networking protocol had no security considerations in its early years, there have been many security enhancements, such…

Cryptography and Security · Computer Science 2025-02-17 Abdullah Aydeger , Sanzida Hoque , Engin Zeydan , Kapal Dev

The DNS is one of the most crucial parts of the Internet. Since the original DNS specifications defined UDP and TCP as the underlying transport protocols, DNS queries are inherently unencrypted, making them vulnerable to eavesdropping and…

Networking and Internet Architecture · Computer Science 2022-07-19 Mike Kosek , Trinh Viet Doan , Malte Granderath , Vaibhav Bajpai
‹ Prev 1 2 3 10 Next ›