Study reveals encrypted DNS still leaks metadata through plaintext headers, proposes header elision fix
By
Mirko Zorz
Summary
Encrypted DNS protocols (DoT, DoH, DoQ) protect query contents from eavesdroppers, but plaintext packet headers still expose DNS traffic flows. A new study examines this privacy gap in IoT contexts, where an attacker on a wireless link can identify, profile, or block devices by detecting DNS packets. The research proposes header elision as a method to close part of this vulnerability.
Source
Key quotes
· 5 pulledEncrypted DNS runs across much of the Internet.
The encryption covers the message inside each packet. The packet still carries plaintext headers, and those values mark a flow as DNS.
A new study measures this gap for the Internet of Things and offers a way to close part of it.
The team studied an eavesdropper on a wireless link between a small device and its gateway.
Such an attacker separates DNS packets from data packets, then blocks the DNS traffic, profiles the device, or runs DNS
You might also wanna read

Secure DNS for ESP32: A Quick Guide to ESP DNS Component
Security Vulnerability: Data Exfiltration via DNS Resolution with allowLocalBinding Enabled
The article demonstrates a security vulnerability where DNS resolution can be exploited for data exfiltration when the 'allowLocalBinding' s

Understanding DNS attacks: Identifying and patching vulnerabilities
Understanding the Controversy Surrounding DNS over HTTPS (DoH)
The article discusses the concept of DNS over HTTPS (DoH) and argues against its use, stating that it does not protect DNS queries from surv
How Encrypted DNS Protects Organizations
DNS Benchmarking Tool: Comprehensive Performance Testing with DNSSEC, DoH/DoT Support
The article describes a DNS benchmarking tool available on GitHub that provides comprehensive DNS performance testing capabilities. The tool

Comments
Sign in to join the conversation.
No comments yet. Be the first.