Privacy Illusion: Beware of Unpadded DoH

DNS over HTTPS (DoH) was created with the ambition of improving the privacy of users on the internet. Domain names resolved by DoH are transferred over an encrypted channel, which ensures that nobody should be able to read the content. However, even though the communication is encrypted, we show that it still leaks some private information, which can be misused. Therefore, this paper studies the behavior of the DoH protocol implementation in the Firefox and Chrome web browsers, and the level of detail that can be revealed by observing and analyzing packet-level information. The aim of this paper is to evaluate and highlight the discovered privacy weaknesses hidden in DoH. Using a trained machine learning classifier, it is possible to infer individual domain names solely from the captured encrypted DoH connection. The resulting classifier can infer domain names from encrypted DNS traffic with surprisingly high accuracy: up to 90% on HTTP 1.1 and up to 70% on HTTP 2.
