All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Study reveals encrypted DNS still leaks metadata through plaintext headers, proposes header elision fix

By

Mirko Zorz

15d ago· 4 min readenNews

Summary

Encrypted DNS protocols (DoT, DoH, DoQ) protect query contents from eavesdroppers, but plaintext packet headers still expose DNS traffic flows. A new study examines this privacy gap in IoT contexts, where an attacker on a wireless link can identify, profile, or block devices by detecting DNS packets. The research proposes header elision as a method to close part of this vulnerability.

Source

bskyStudy reveals encrypted DNS still leaks metadata through plaintext headers, proposes header elision fixhelpnetsecurity.com

Key quotes

· 5 pulled
Encrypted DNS runs across much of the Internet.
The encryption covers the message inside each packet. The packet still carries plaintext headers, and those values mark a flow as DNS.
A new study measures this gap for the Internet of Things and offers a way to close part of it.
The team studied an eavesdropper on a wireless link between a small device and its gateway.
Such an attacker separates DNS packets from data packets, then blocks the DNS traffic, profiles the device, or runs DNS
Snippet from the RSS feed
Encrypted DNS privacy has a gap: plaintext headers still mark DNS flows. New research shows how header elision closes part of it.

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.