There was a talk last year at 35C3 about that. Apparently there is a contest going on to determine the PQCrypto used in the future, but the algorithms are still very immature and most are being constantly broken by cryptanalysis.
I’m currently reading on Contextual Integrity, which is a way of seeing privacy as contexts and the information contained in them, and privacy violations as information flowing from one context to another without the consent of the person. A simple example is when a person tells a sexual partner that he/she has an STD; that is probably very intimate information (shared in the context of the relationship) that not even close friends know about. If that partner were to tell it at a dinner with friends (the general circle of friends), the other would feel violated in terms of privacy.
A short presentation with a very interesting Q&A (at 16:35) from the company where I spent a great deal of my browsing time solving their CAPTCHAs in order to access websites. Also, something that we knew already but is also depicted in the presentation is that they inspect and deal with so much Internet traffic.
I would suggest you read the very relevant article from KU Leuven; the authors were able to reveal which web pages a user of DoH visits with very good accuracy. Quoting an excerpt from their evaluation results:
Our results show that, if we assume the adversary already knows that a user will visit a page out of a closed world of N pages, the attack achieves 94% accuracy on a world of 1,500 pages. Such a closed-world scenario may occur when the adversary has enough background knowledge about the user’s browsing behavior to narrow down the set of pages the user will visit.
Cloudflare also offers a resolver as a Tor onion service in order to resolve DNS queries over Tor. Tor re-packetizes DoH in Tor messages, also known as Tor cells, that have the same size. Furthermore, DoH traffic is multiplexed with other Tor traffic (e.g., Tor control cells) in the same TLS tunnel. Our results show that Tor offers the highest level of protection, reducing the success rate of the attack to 3.3%.
Cloudflare’s setup guide for Tor DNS is described in their documentation. But be aware of the centralization issues of that, also described in the article:
Surprisingly, Mozilla made a move in the opposite direction, namely, toward centralizing the DNS infrastructure to a few remote DoH resolvers. Recently, Mozilla announced a partnership with Cloudflare to set Cloudflare’s resolver as the default DoH resolver in future Firefox releases [12, 13].
@vasilis, a question of mine still remains: does this prevent the ISP from knowing which websites you visit? Because the way I am thinking, they still know which IP addresses you connect to after doing the DoH query. And just by having a well-known (IP-domain) table they can easily do the inverse resolving. So what exactly is the advantage of DoH other than the integrity aspect?
With the “traditional” DNS queries the ISPs know all your DNS queries. That translates into every domain, even the ones that do not exist, or accidental queries; for instance, somebody pasting a password into a web browser address bar. Given that, DoH/DoT will provide a lot more privacy, as now the ISPs need to perform an attack in order to compute the encrypted DNS queries a user entered. Given that ISPs are gaining a lot of intelligence and most probably sell this information to 3rd parties, they will probably use these data and sell them as “aggregate data”, leaving other entities to decrypt/correlate or find other innovative use cases.
Furthermore, the protocol can be drastically improved by implementing padding of DNS queries; for instance, Tor re-packetizes DoH in Tor cells, and according to the researchers:
Our results show that Tor offers the highest level of protection, reducing the success rate of the attack to 3.3%.
We also simulate constant padding, i.e., all TLS record packets are padded to have the size of the maximum TLS record observed in the dataset. This padding strategy, as shown in the table of Figure 7, defeats the classifier by reducing its success rate to less than 7%.
Figure 7: volume overheads of different padding-based defenses.
Finally, we measured the traffic volume overheads in the communication of each of the countermeasures we evaluated (boxplot at the bottom of Figure 7). Surprisingly, we observe that Tor guarantees as good protection as constant padding at a lower cost.
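As an added example (not part of the thread, nor the KU Leuven paper’s code), here is what padding DNS queries looks like at the DNS layer, which is the mechanism that ships in stub and recursive resolvers today: the EDNS(0) Padding option (RFC 7830, option code 12) filled to the block sizes recommended in RFC 8467 (128 bytes for queries, 468 for responses). The paper’s constant-padding defence pads TLS records; this pads the DNS message before it reaches TLS, so the record sizes the fingerprinting classifier relies on stop tracking the name length. The sample hostnames below are constructed, and the transaction ID and the 4096-byte UDP payload size are arbitrary choices for the example.

```python
import struct

EDNS_PADDING_OPTION = 12   # option code assigned by RFC 7830
QUERY_BLOCK = 128          # RFC 8467 recommended block size for queries
RESPONSE_BLOCK = 468       # RFC 8467 recommended block size for responses


def encode_name(name):
    """Encode a hostname as DNS wire-format labels (RFC 1035, no compression)."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label length must be 1..63: %r" % label)
        out.append(len(raw))
        out += raw
    out.append(0)  # root label terminates the name
    return bytes(out)


def opt_rr(padding_len, udp_size=4096):
    """EDNS(0) OPT pseudo-RR (RFC 6891) carrying one Padding option of zero bytes."""
    rdata = struct.pack("!HH", EDNS_PADDING_OPTION, padding_len) + b"\x00" * padding_len
    # NAME is the root (a single zero byte); the CLASS field carries the UDP
    # payload size and the TTL field carries extended RCODE/version/flags.
    return b"\x00" + struct.pack("!HHIH", 41, udp_size, 0, len(rdata)) + rdata


def build_query(name, qtype=1, txid=0x1234, pad_to=None):
    """Build a DNS query for `name`; pad_to=None sends no EDNS padding at all."""
    arcount = 0 if pad_to is None else 1
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, arcount)  # RD=1
    question = encode_name(name) + struct.pack("!HH", qtype, 1)      # class IN
    if pad_to is None:
        return header + question
    # RFC 7830: the Padding option itself is part of the padded message, so
    # measure the message with an empty option and then fill to the block.
    base_len = len(header + question + opt_rr(0))
    padding_len = (-base_len) % pad_to
    return header + question + opt_rr(padding_len)


def wire_lengths(names, pad_to=None):
    """Wire size of each query; with pad_to=None the sizes leak the name length."""
    return [len(build_query(n, pad_to=pad_to)) for n in names]


if __name__ == "__main__":
    sample = ["a.example", "a-much-longer-hostname.example.org"]  # constructed names
    print("unpadded:", wire_lengths(sample))
    print("padded:  ", wire_lengths(sample, QUERY_BLOCK))  # both queries are 128 bytes
```

Queries that already exceed one block land on the next multiple of 128, so a very long name still stands out by block count; that is the trade-off RFC 8467 accepts against the per-query overhead. A server pads its responses the same way with pad_to=RESPONSE_BLOCK. Over DoH the padded DNS message is then wrapped in HTTP/2 frames and a TLS record, which is why the paper’s Tor result, where the transport itself equalizes cell sizes, protects as well as constant padding at lower cost.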