Map of Premises
Publications
Does Domain Name Encryption Increase Users' Privacy?
Title
Does Domain Name Encryption Increase Users' Privacy?
Type
Article in International Scientific Journal
Year
2020
Authors
Trevisan, M
(Author)
Other
The person does not belong to the institution.
The person does not belong to the institution.
The person does not belong to the institution.
Without AUTHENTICUS
Without ORCID
Soro, F
(Author)
Other
The person does not belong to the institution.
The person does not belong to the institution.
The person does not belong to the institution.
Without AUTHENTICUS
Without ORCID
Mellia, M
(Author)
Other
The person does not belong to the institution.
The person does not belong to the institution.
The person does not belong to the institution.
Without AUTHENTICUS
Without ORCID
Drago, I
(Author)
Other
The person does not belong to the institution.
The person does not belong to the institution.
The person does not belong to the institution.
Without AUTHENTICUS
Without ORCID
Ricardo Morla
(Author)
FEUP
View Personal Page
You do not have permissions to view the institutional email.
Search for Participant Publications
View Authenticus page
View ORCID page
Journal
Indexing
Other information
Authenticus ID:
P-00S-FC2
Abstract (EN):
Knowing domain names associated with traffic allows eavesdroppers to profile users without accessing packet payloads. Encrypting domain names transiting the network is, therefore, a key step to increase network confidentiality. Latest efforts include encrypting the TLS Server Name Indication (eSNI extension) and encrypting DNS traffic, with DNS over HTTPS (DoH) representing a prominent proposal. In this paper, we show that an attacker able to observe users' traffic relying on plain-text DNS can uncover the domain names of users relying on eSNI or DoH. By relying on large-scale network traces, we show that simplistic features and off-the-shelf machine learning models are sufficient to achieve surprisingly high precision and recall when recovering encrypted domain names. The triviality of the attack calls for further actions to protect privacy, in particular considering transient scenarios in which only a fraction of users will adopt these new privacy-enhancing technologies.
Language:
English
Type (Professor's evaluation):
Scientific
No. of pages:
6
Documents
We could not find any documents associated to the publication.
Related Publications
Of the same journal
XCP for shared-access multi-rate media (2006)
Article in International Scientific Journal
Filipe Abrantes; Manuel Ricardo
Article in International Scientific Journal
Filipe Abrantes; Manuel Ricardo
Defining more efficient transfer syntax for application layer PDUs in field bus applications (1992)
Article in International Scientific Journal
Artur Agostinho dos Santos Capelo Cardoso; Eduardo Tovar
Article in International Scientific Journal
Artur Agostinho dos Santos Capelo Cardoso; Eduardo Tovar
Copyright 1996-2025 © Faculdade de Direito da Universidade do Porto
I Terms and Conditions
I Acessibility
I Index A-Z
Page created on: 2025-07-13 at 06:17:31 | Privacy Policy | Personal Data Protection Policy | Whistleblowing
Page created on: 2025-07-13 at 06:17:31 | Privacy Policy | Personal Data Protection Policy | Whistleblowing