English
Related papers

Related papers: PDoT: Private DNS-over-TLS with TEE Support

200 papers

The domain name resolution into IP addresses can significantly delay connection establishments on the web. Moreover, the common use of recursive DNS resolvers presents a privacy risk as they can closely monitor the user's browsing…

Networking and Internet Architecture · Computer Science 2019-08-14 Erik Sy

Intel Trust Domain Extensions (TDX) is a new architectural extension in the 4th Generation Intel Xeon Scalable Processor that supports confidential computing. TDX allows the deployment of virtual machines in the Secure-Arbitration Mode…

Cryptography and Security · Computer Science 2023-03-29 Pau-Chen Cheng , Wojciech Ozga , Enriquillo Valdez , Salman Ahmed , Zhongshu Gu , Hani Jamjoom , Hubertus Franke , James Bottomley

Unencrypted DNS traffic between users and DNS resolvers can lead to privacy and security concerns. In response to these privacy risks, many browser vendors have deployed DNS-over-HTTPS (DoH) to encrypt queries between users and DNS…

Cryptography and Security · Computer Science 2025-10-31 Ranya Sharma , Nick Feamster

Fully homomorphic encryption (FHE) and trusted execution environments (TEE) are two approaches to provide confidentiality during data processing. Each approach has its own strengths and weaknesses. In certain scenarios, computations can be…

Cryptography and Security · Computer Science 2025-05-28 Romain de Laage

The Domain Name System (DNS) is one of the most crucial parts of the Internet. Although the original standard defined the usage of DNS over UDP (DoUDP) as well as DNS over TCP (DoTCP), UDP has become the predominant protocol used in the…

Networking and Internet Architecture · Computer Science 2022-07-19 Mike Kosek , Trinh Viet Doan , Simon Huber , Vaibhav Bajpai

Data theft and leakage, caused by external adversaries and insiders, demonstrate the need for protecting user data. Trusted Execution Environments (TEEs) offer a promising solution by creating secure environments that protect data and code…

Cryptography and Security · Computer Science 2024-11-05 Kosei Akama , Yoshimichi Nakatsuka , Korry Luke , Masaaki Sato , Keisuke Uehara

Detecting Domain Name System (DNS) tunneling is a significant challenge in security due to its capacity to hide harmful actions within DNS traffic that appears to be normal and legitimate. Traditional detection methods are based on…

Cryptography and Security · Computer Science 2025-07-15 Novruz Amirov , Baran Isik , Bilal Ihsan Tuncer , Serif Bahtiyar

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that encrypted DNS is still sensitive to traffic analysis. As a consequence, RFC…

Cryptography and Security · Computer Science 2019-07-03 Jonas Bushart , Christian Rossow

Secure communication is an integral feature of many Internet services. The widely deployed TLS protects reliable transport protocols. DTLS extends TLS security services to protocols relying on plain UDP packet transport, such as VoIP or IoT…

Networking and Internet Architecture · Computer Science 2019-04-26 Sebastian Gallenmüller , Dominik Schöffmann , Dominik Scholz , Fabien Geyer , Georg Carle

In this paper, we study the performance of encrypted DNS protocols and conventional DNS from thousands of home networks in the United States, over one month in 2020. We perform these measurements from the homes of 2,693 participating…

Networking and Internet Architecture · Computer Science 2021-07-29 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

Internet traffic is increasingly encrypted. While this protects the confidentiality and integrity of communication, it prevents network monitoring systems (NMS) and intrusion detection systems (IDSs) from effectively analyzing the now…

Cryptography and Security · Computer Science 2021-04-21 Florian Wilkens , Steffen Haas , Johanna Amann , Mathias Fischer

There is an urgent demand for privacy-preserving techniques capable of supporting compute and data intensive (CDI) computing in the era of big data. However, none of existing TEEs can truly support CDI computing tasks, as CDI requires high…

Cryptography and Security · Computer Science 2019-04-15 Jianping Zhu , Rui Hou , XiaoFeng Wang , Wenhao Wang , Jiangfeng Cao , Lutan Zhao , Fengkai Yuan , Peinan Li , Zhongpu Wang , Boyan Zhao , Lixin Zhang , Dan Meng

Confidential Computing has emerged to address data security challenges in cloud-centric deployments by protecting data in use through hardware-level isolation. However, reliance on a single hardware root of trust (RoT) limits user…

Cryptography and Security · Computer Science 2024-12-13 Ketong Shang , Jiangnan Lin , Yu Qin , Muyan Shen , Hongzhan Ma , Wei Feng , Dengguo Feng

With the increased use of Internet, governments and large companies store and share massive amounts of personal data in such a way that leaves no space for transparency. When a user needs to achieve a simple task like applying for college…

Distributed, Parallel, and Cluster Computing · Computer Science 2017-08-31 Sinica Alboaie , Doina Cosovan

We present a method to secure the complete path between a server and the local human user at a network node. This is useful for scenarios like internet banking, electronic signatures, or online voting. Protection of input authenticity and…

Cryptography and Security · Computer Science 2007-05-23 Hanno Langweg , Tommy Kristiansen

Security and privacy concerns in computer systems have grown in importance with the ubiquity of connected devices. TEEs provide security guarantees based on cryptographic constructs built in hardware. Intel software guard extensions (SGX),…

Cryptography and Security · Computer Science 2020-03-12 Rafael Pereira Pires

The Tor anonymity network allows users such as political activists and those under repressive governments to protect their privacy when communicating over the internet. At the same time, Tor has been demonstrated to be vulnerable to several…

Cryptography and Security · Computer Science 2024-08-28 Rachel King , Quinn Burke , Yohan Beugin , Blaine Hoak , Kunyang Li , Eric Pauley , Ryan Sheatsley , Patrick McDaniel

We present DarkneTZ, a framework that uses an edge device's Trusted Execution Environment (TEE) in conjunction with model partitioning to limit the attack surface against Deep Neural Networks (DNNs). Increasingly, edge devices (smartphones…

In this paper, we investigate the Domain Name System (DNS) over QUIC (DoQ) and propose a non-disruptive extension, which can greatly reduce DoQ's resource consumption. This extension can benefit all DNS clients - especially Internet of…

Networking and Internet Architecture · Computer Science 2025-07-10 Darius Saif , Ashraf Matrawy

With the increasing popularity of Internet of Things (IoT) devices, security concerns have become a major challenge: confidential information is constantly being transmitted (sometimes inadvertently) from user devices to untrusted cloud…

Cryptography and Security · Computer Science 2023-05-05 Peterson Yuhala