English
Related papers

Related papers: Encryption without Centralization: Distributing DN…

200 papers

Centralized DNS over HTTPS/TLS (DoH/DoT) resolution, which has started being deployed by major hosting providers and web browsers, has sparked controversy among Internet activists and privacy advocates due to several privacy concerns. This…

Networking and Internet Architecture · Computer Science 2020-02-19 Nguyen Phong Hoang , Ivan Lin , Seyedhamed Ghavamnia , Michalis Polychronakis

Unencrypted DNS traffic between users and DNS resolvers can lead to privacy and security concerns. In response to these privacy risks, many browser vendors have deployed DNS-over-HTTPS (DoH) to encrypt queries between users and DNS…

Cryptography and Security · Computer Science 2025-10-31 Ranya Sharma , Nick Feamster

The domain name resolution into IP addresses can significantly delay connection establishments on the web. Moreover, the common use of recursive DNS resolvers presents a privacy risk as they can closely monitor the user's browsing…

Networking and Internet Architecture · Computer Science 2019-08-14 Erik Sy

In this paper, we study the performance of encrypted DNS protocols and conventional DNS from thousands of home networks in the United States, over one month in 2020. We perform these measurements from the homes of 2,693 participating…

Networking and Internet Architecture · Computer Science 2021-07-29 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

The Domain Name System (DNS) is both a key determinant of users' quality of experience (QoE) and privy to their tastes, preferences, and even the devices they own. Growing concern about user privacy and QoE has brought a number of…

Cryptography and Security · Computer Science 2023-02-28 Rashna Kumar , Fabián E. Bustamante

The Domain Name System (DNS) is central to all Internet user activity, resolving accessed domain names into Internet Protocol (IP) addresses. As a result, curious DNS resolvers can learn everything about Internet users' interests. Public…

Cryptography and Security · Computer Science 2025-09-30 Philip Sjösvärd , Hongyu Jin , Panos Papadimitratos

Virtually every connection to an Internet service is preceded by a DNS lookup which is performed without any traffic-level protection, thus enabling manipulation, redirection, surveillance, and censorship. To address these issues, large…

Cryptography and Security · Computer Science 2019-10-08 Sandra Siby , Marc Juarez , Claudia Diaz , Narseo Vallina-Rodriguez , Carmela Troncoso

The absence of security and privacy measures between DNS recursive resolvers and authoritative nameservers has been exploited by both on-path and off-path attackers. Although numerous security proposals have been introduced in practice and…

Cryptography and Security · Computer Science 2025-06-27 Ali Sadeghi Jahromi , AbdelRahman Abdou , Paul C. van Oorschot

DNS is a vital component for almost every networked application. Originally it was designed as an unencrypted protocol, making user security a concern. DNS-over-HTTPS (DoH) is the latest proposal to make name resolution more secure. In this…

Networking and Internet Architecture · Computer Science 2019-09-16 Timm Boettger , Felix Cuadrado , Gianni Antichi , Eder Leao Fernandes , Gareth Tyson , Ignacio Castro , Steve Uhlig

The Domain Name System (DNS) is the foundation of a human-usable Internet, responding to client queries for host-names with corresponding IP addresses and records. Traditional DNS is also unencrypted, and leaks user information to network…

The DNS (Domain Name System) protocol has been in use since the early days of the Internet. Although DNS as a de facto networking protocol had no security considerations in its early years, there have been many security enhancements, such…

Cryptography and Security · Computer Science 2025-02-17 Abdullah Aydeger , Sanzida Hoque , Engin Zeydan , Kapal Dev

Over the last decade, Web traffic has significantly shifted towards HTTPS due to an increased awareness for privacy. However, DNS traffic is still largely unencrypted, which allows user profiles to be derived from plaintext DNS queries.…

Networking and Internet Architecture · Computer Science 2023-05-04 Mike Kosek , Luca Schumann , Robin Marx , Trinh Viet Doan , Vaibhav Bajpai

Nearly every service on the Internet relies on the Domain Name System (DNS), which translates a human-readable name to an IP address before two endpoints can communicate. Today, DNS traffic is unencrypted, leaving users vulnerable to…

Networking and Internet Architecture · Computer Science 2020-02-25 Austin Hounsel , Kevin Borgolte , Paul Schmitt , Jordan Holland , Nick Feamster

There has been a growing interest in Internet user privacy, demonstrated by the popularity of privacy-preserving products such as Telegram and Brave, and the widespread adoption of HTTPS. The Domain Name System (DNS) is a key component of…

Networking and Internet Architecture · Computer Science 2025-07-29 Yunming Xiao , Peizhi Liu , Ruijie Yu , Chenkai Weng , Matteo Varvello , Aleksandar Kuzmanovic

The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol (IP) addresses plays a foundational role for Internet communications. By default, DNS queries and responses are exchanged in unencrypted plaintext, and…

Cryptography and Security · Computer Science 2024-07-08 Minzhao Lyu , Hassan Habibi Gharakheili , Vijay Sivaraman

The DNS is one of the most crucial parts of the Internet. Since the original DNS specifications defined UDP and TCP as the underlying transport protocols, DNS queries are inherently unencrypted, making them vulnerable to eavesdropping and…

Networking and Internet Architecture · Computer Science 2022-07-19 Mike Kosek , Trinh Viet Doan , Malte Granderath , Vaibhav Bajpai

Recent developments to encrypt the Domain Name System (DNS) have resulted in major browser and operating system vendors deploying encrypted DNS functionality, often enabling various configurations and settings by default. In many cases,…

Cryptography and Security · Computer Science 2023-02-22 Alexandra Nisenoff , Ranya Sharma , Nick Feamster

Privacy leaks are an unfortunate and an integral part of the current Internet domain name resolution. Each DNS query generated by a user reveals -- to one or more DNS servers -- the origin and target of that query. Over time, a user's…

Cryptography and Security · Computer Science 2015-03-13 Yanbin Lu , Gene Tsudik

Virtually every Internet communication typically involves a Domain Name System (DNS) lookup for the destination server that the client wants to communicate with. Operators of DNS recursive resolvers---the machines that receive a client's…

Networking and Internet Architecture · Computer Science 2022-01-25 Paul Schmitt , Anne Edmundson , Nick Feamster

Many applications and protocols depend on the ability to generate a pool of servers to conduct majority-based consensus mechanisms and often this is done by doing plain DNS queries. A recent off-path attack [1] against NTP and security…

Cryptography and Security · Computer Science 2020-10-20 Philipp Jeitner , Haya Shulman , Michael Waidner
‹ Prev 1 2 3 10 Next ›