Large Scale Analysis of DoH Deployment on the Internet
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F63839172%3A_____%2F22%3A10133481" target="_blank" >RIV/63839172:_____/22:10133481 - isvavai.cz</a>
Alternative codes found
RIV/68407700:21230/22:00360795 RIV/68407700:21240/22:00360795
Result on the web
<a href="https://link.springer.com/chapter/10.1007/978-3-031-17143-7_8" target="_blank" >https://link.springer.com/chapter/10.1007/978-3-031-17143-7_8</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/978-3-031-17143-7_8" target="_blank" >10.1007/978-3-031-17143-7_8</a>
Alternative languages
Result language
angličtina
Original language name
Large Scale Analysis of DoH Deployment on the Internet
Original language description
DNS over HTTPS (DoH) is one of the standards to protect the security and privacy of users. The choice of DoH provider has controversial consequences, from monopolisation of surveillance to lost visibility by network administrators and security providers. More importantly, it is a novel security business. Software products and organisations depend on users choosing well-known and trusted DoH resolvers. However, there is no comprehensive study on the number of DoH resolvers on the Internet, its growth, and the trustworthiness of the organisations behind them. This paper studies the deployment of DoH resolvers by (i) scanning the whole Internet for DoH resolvers in 2021 and 2022; (ii) creating lists of well-known DoH resolvers by the community; (iii) characterising what those resolvers are, (iv) comparing the growth and differences. Results show that (i) the number of DoH resolvers increased 4.8 times in the period 2021-2022, (ii) the number of organisations providing DoH services has doubled, and (iii) the number of DoH resolvers in 2022 is 28 times larger than the number of well-known DoH resolvers by the community. Moreover, 94% of the public DoH resolvers on the Internet are unknown to the community, 77% use certificates from free services, and 57% belong to unknown organisations or personal servers. We conclude that the number of DoH resolvers is growing at a fast rate; also that at least 30% of them are not completely trustworthy and users should be very careful when choosing a DoH resolver.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
20202 - Communication engineering and systems
Result continuities
Project
<a href="/en/project/VJ02010024" target="_blank" >VJ02010024: Flow-based Encrypted Traffic Analysis</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2022
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Computer Security – ESORICS 2022
ISBN
978-3-031-17142-0
ISSN
0302-9743
e-ISSN
—
Number of pages
21
Pages from-to
145-165
Publisher name
Springer International Publishing AG
Place of publication
Cham, Switzerland
Event location
Kodaň, Dánské Království
Event date
Sep 26, 2022
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
000866567700008