Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting

Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-b...

Full description

Bibliographic Details
Main Authors: Hoang Nguyen Phong, Niaki Arian Akhavan, Gill Phillipa, Polychronakis Michalis
Format: Article
Language:English
Published: Sciendo 2021-10-01
Series:Proceedings on Privacy Enhancing Technologies
Subjects:
domain name encryption
dot
doh
encrypted client hello
website fingerprinting
Online Access:https://doi.org/10.2478/popets-2021-0078
id doaj-1f65de6d051c4ead9a5b93b6198198d1
record_format Article
spelling doaj-1f65de6d051c4ead9a5b93b6198198d12021-09-05T14:01:11ZengSciendoProceedings on Privacy Enhancing Technologies2299-09842021-10-012021442044010.2478/popets-2021-0078Domain name encryption is not enough: privacy leakage via IP-based website fingerprintingHoang Nguyen Phong0Niaki Arian Akhavan1Gill Phillipa2Polychronakis Michalis3Stony Brook UniversityUniversity of Massachusetts -AmherstUniversity of Massachusetts - AmherstStony Brook UniversityAlthough the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-based load balancing, co-hosting of different websites on the same server, and IP address churn, all contribute towards making domain–IP mappings unstable, and prevent straightforward IP-based browsing tracking.https://doi.org/10.2478/popets-2021-0078domain name encryptiondotdohencrypted client hellowebsite fingerprinting
collection DOAJ
language English
format Article
sources DOAJ
author Hoang Nguyen Phong
Niaki Arian Akhavan
Gill Phillipa
Polychronakis Michalis
spellingShingle Hoang Nguyen Phong
Niaki Arian Akhavan
Gill Phillipa
Polychronakis Michalis
Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting
Proceedings on Privacy Enhancing Technologies
domain name encryption
dot
doh
encrypted client hello
website fingerprinting
author_facet Hoang Nguyen Phong
Niaki Arian Akhavan
Gill Phillipa
Polychronakis Michalis
author_sort Hoang Nguyen Phong
title Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting
title_short Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting
title_full Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting
title_fullStr Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting
title_full_unstemmed Domain name encryption is not enough: privacy leakage via IP-based website fingerprinting
title_sort domain name encryption is not enough: privacy leakage via ip-based website fingerprinting
publisher Sciendo
series Proceedings on Privacy Enhancing Technologies
issn 2299-0984
publishDate 2021-10-01
description Although the security benefits of domain name encryption technologies such as DNS over TLS (DoT), DNS over HTTPS (DoH), and Encrypted Client Hello (ECH) are clear, their positive impact on user privacy is weakened by—the still exposed—IP address information. However, content delivery networks, DNS-based load balancing, co-hosting of different websites on the same server, and IP address churn, all contribute towards making domain–IP mappings unstable, and prevent straightforward IP-based browsing tracking.
topic domain name encryption
dot
doh
encrypted client hello
website fingerprinting
url https://doi.org/10.2478/popets-2021-0078
work_keys_str_mv AT hoangnguyenphong domainnameencryptionisnotenoughprivacyleakageviaipbasedwebsitefingerprinting
AT niakiarianakhavan domainnameencryptionisnotenoughprivacyleakageviaipbasedwebsitefingerprinting
AT gillphillipa domainnameencryptionisnotenoughprivacyleakageviaipbasedwebsitefingerprinting
AT polychronakismichalis domainnameencryptionisnotenoughprivacyleakageviaipbasedwebsitefingerprinting
_version_ 1717810578587648000

Similar Items