{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,8]],"date-time":"2026-05-08T16:44:48Z","timestamp":1778258688808,"version":"3.51.4"},"reference-count":59,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2023,4,30]],"date-time":"2023-04-30T00:00:00Z","timestamp":1682812800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGCOMM Comput. Commun. Rev."],"published-print":{"date-parts":[[2023,4,30]]},"abstract":"<jats:p>End-users are concerned about protecting the privacy of their sensitive personal data that are generated while working on information systems. This extends to both the data they actively provide including personal identification in exchange for products and services as well as its related metadata such as unnecessary access to their location. This is when certain privacy-preserving technologies come into a place where Internet Engineering Task Force (IETF) plays a major role in incorporating such technologies at the fundamental level. Thus, this paper offers an overview of the privacy-preserving mechanisms for layer 3 (i.e. IP) and above that are currently under standardization at the IETF. This includes encrypted DNS at layer 5 classified as DNS-over-TLS (DoT), DNS-over-HTTPS (DoH), and DNS-over-QUIC (DoQ) where the underlying technologies like QUIC belong to layer 4. Followed by that, we discuss Privacy Pass Protocol and its application in generating Private Access Tokens and Passkeys to replace passwords for authentication at the application layer (i.e. end-user devices). Lastly, to protect user privacy at the IP level, Private Relays and MASQUE are discussed. This aims to make designers, implementers, and users of the Internet aware of privacy-related design choices.<\/jats:p>","DOI":"10.1145\/3610381.3610385","type":"journal-article","created":{"date-parts":[[2023,7,19]],"date-time":"2023-07-19T20:08:51Z","timestamp":1689797331000},"page":"22-30","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Recent Trends on Privacy-Preserving Technologies under Standardization at the IETF"],"prefix":"10.1145","volume":"53","author":[{"given":"Pratyush","family":"Dikshit","sequence":"first","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, DE"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jayasree","family":"Sengupta","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, DE"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vaibhav","family":"Bajpai","sequence":"additional","affiliation":[{"name":"CISPA Helmholtz Center for Information Security, DE"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,7,19]]},"reference":[{"key":"e_1_2_1_1_1","first-page":"1","article-title":"A mission statement for the IETF","volume":"3935","author":"Alvestrand Harald Tveit","year":"2004","unstructured":"Harald Tveit Alvestrand . A mission statement for the IETF . RFC , 3935 : 1 -- 7 , 2004 . https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc3935.txt.pdf. Harald Tveit Alvestrand. A mission statement for the IETF. RFC, 3935:1--7, 2004. https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc3935.txt.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_2_1","volume-title":"Detecting Unwanted Location Trackers. https:\/\/datatracker.ietf.org\/doc\/html\/draft-detecting-unwanted-location-trackers-00","author":"Ledvina B. Detwiler B.","year":"2023","unstructured":"B. Detwiler B. Ledvina , Z. Eddinger and S. P. Polatkan . Detecting Unwanted Location Trackers. https:\/\/datatracker.ietf.org\/doc\/html\/draft-detecting-unwanted-location-trackers-00 , 2023 . B. Detwiler B. Ledvina, Z. Eddinger and S. P. Polatkan. Detecting Unwanted Location Trackers. https:\/\/datatracker.ietf.org\/doc\/html\/draft-detecting-unwanted-location-trackers-00, 2023."},{"key":"e_1_2_1_3_1","first-page":"1","article-title":"Pervasive monitoring is an attack","volume":"7258","author":"Farrell Stephen","year":"2014","unstructured":"Stephen Farrell and Hannes Tschofenig . Pervasive monitoring is an attack . RFC , 7258 : 1 -- 6 , 2014 . https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc7258.txt.pdf. Stephen Farrell and Hannes Tschofenig. Pervasive monitoring is an attack. RFC, 7258:1--6, 2014. https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc7258.txt.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/3547331"},{"key":"e_1_2_1_5_1","unstructured":"Rebekah Houser Zhou Li Chase Cotton and Haining Wang. An Investigation on Information Leakage of DNS over TLS. In CoNEXT.  Rebekah Houser Zhou Li Chase Cotton and Haining Wang. An Investigation on Information Leakage of DNS over TLS. In CoNEXT."},{"key":"e_1_2_1_6_1","first-page":"252","volume-title":"Min Suk Kang, and Dinil Mon Divakaran. Privacy of DNS-over-HTTPS: Requiem for a Dream? In IEEE EuroS&P","author":"Csikor Levente","year":"2021","unstructured":"Levente Csikor , Himanshu Singh , Min Suk Kang, and Dinil Mon Divakaran. Privacy of DNS-over-HTTPS: Requiem for a Dream? In IEEE EuroS&P , pages 252 -- 271 , 2021 . Levente Csikor, Himanshu Singh, Min Suk Kang, and Dinil Mon Divakaran. Privacy of DNS-over-HTTPS: Requiem for a Dream? In IEEE EuroS&P, pages 252--271, 2021."},{"key":"e_1_2_1_7_1","first-page":"44","volume-title":"Proceedings of the 22nd ACM Internet Measurement Conference, IMC","author":"Kosek Mike","unstructured":"Mike Kosek , Luca Schumann , Robin Marx , Trinh Viet Doan , and Vaibhav Bajpai . DNS Privacy with Speed? Evaluating DNS over QUIC and its Impact on Web Performance . In Proceedings of the 22nd ACM Internet Measurement Conference, IMC , pages 44 -- 50 . Mike Kosek, Luca Schumann, Robin Marx, Trinh Viet Doan, and Vaibhav Bajpai. DNS Privacy with Speed? Evaluating DNS over QUIC and its Impact on Web Performance. In Proceedings of the 22nd ACM Internet Measurement Conference, IMC, pages 44--50."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/3098822.3098842"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2021.108712"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC6973"},{"key":"e_1_2_1_11_1","first-page":"449","volume-title":"Proceedings of the 22nd ACM Internet Measurement Conference, IMC","author":"Sattler Patrick","unstructured":"Patrick Sattler , Juliane Aulbach , Johannes Zirngibl , and Georg Carle . Towards a tectonic traffic shift?: investigating apple's new relay network . In Proceedings of the 22nd ACM Internet Measurement Conference, IMC , pages 449 -- 457 . Patrick Sattler, Juliane Aulbach, Johannes Zirngibl, and Georg Carle. Towards a tectonic traffic shift?: investigating apple's new relay network. In Proceedings of the 22nd ACM Internet Measurement Conference, IMC, pages 449--457."},{"key":"e_1_2_1_12_1","first-page":"137","volume-title":"IMC '21: ACM Internet Measurement Conference","author":"McQuistin Stephen","unstructured":"Stephen McQuistin , Mladen Karan , Prashant Khare , Colin Perkins , Gareth Tyson , Matthew Purver , Patrick Healey , Waleed Iqbal , Junaid Qadir , and Ignacio Castro . Characterising the IETF through the lens of RFC deployment . In IMC '21: ACM Internet Measurement Conference , pages 137 -- 149 . Stephen McQuistin, Mladen Karan, Prashant Khare, Colin Perkins, Gareth Tyson, Matthew Purver, Patrick Healey, Waleed Iqbal, Junaid Qadir, and Ignacio Castro. Characterising the IETF through the lens of RFC deployment. In IMC '21: ACM Internet Measurement Conference, pages 137--149."},{"key":"e_1_2_1_13_1","volume-title":"Internet Engineering Task Force","author":"Hendrickson Scott","year":"2021","unstructured":"Scott Hendrickson , Jana Iyengar , Tommy Pauly , Steven Valdez , and Christopher A. Wood . Private Access Tokens. Internet-Draft draft-private-access-tokens-01 , Internet Engineering Task Force , October 2021 . Work in Progress. Scott Hendrickson, Jana Iyengar, Tommy Pauly, Steven Valdez, and Christopher A. Wood. Private Access Tokens. Internet-Draft draft-private-access-tokens-01, Internet Engineering Task Force, October 2021. Work in Progress."},{"key":"e_1_2_1_14_1","volume-title":"Internet Engineering Task Force","author":"Rescorla Eric","year":"2022","unstructured":"Eric Rescorla , Kazuho Oku , Nick Sullivan , and Christopher A. Wood . TLS Encrypted Client Hello. Internet-Draft draft-ietf-tls-esni-15 , Internet Engineering Task Force , October 2022 . Work in Progress. Eric Rescorla, Kazuho Oku, Nick Sullivan, and Christopher A. Wood. TLS Encrypted Client Hello. Internet-Draft draft-ietf-tls-esni-15, Internet Engineering Task Force, October 2022. Work in Progress."},{"key":"e_1_2_1_15_1","volume-title":"Internet Engineering Task Force","author":"Pauly Tommy","year":"2022","unstructured":"Tommy Pauly , Eric Kinnear , Christopher A. Wood , Patrick McManus , and Tommy Jensen . Discovery of Designated Resolvers. Internet-Draft draft-ietf-add-ddr-10 , Internet Engineering Task Force , August 2022 . Work in Progress. Tommy Pauly, Eric Kinnear, Christopher A. Wood, Patrick McManus, and Tommy Jensen. Discovery of Designated Resolvers. Internet-Draft draft-ietf-add-ddr-10, Internet Engineering Task Force, August 2022. Work in Progress."},{"key":"e_1_2_1_16_1","volume-title":"Internet Engineering Task Force","author":"Boucadair Mohamed","year":"2023","unstructured":"Mohamed Boucadair , Tirumaleswar Reddy . K, Dan Wing , Neil Cook , and Tommy Jensen . DHCP and Router Advertisement Options for the Discovery of Network-designated Resolvers (DNR). Internet-Draft draft-ietf-add-dnr-15 , Internet Engineering Task Force , April 2023 . Work in Progress. Mohamed Boucadair, Tirumaleswar Reddy. K, Dan Wing, Neil Cook, and Tommy Jensen. DHCP and Router Advertisement Options for the Discovery of Network-designated Resolvers (DNR). Internet-Draft draft-ietf-add-dnr-15, Internet Engineering Task Force, April 2023. Work in Progress."},{"key":"e_1_2_1_17_1","volume-title":"Internet Engineering Task Force","author":"Schwartz Benjamin M.","year":"2023","unstructured":"Benjamin M. Schwartz . Service Binding Mapping for DNS Servers. Internet-Draft draft-ietf-add-svcb-dns-08 , Internet Engineering Task Force , March 2023 . Work in Progress. Benjamin M. Schwartz. Service Binding Mapping for DNS Servers. Internet-Draft draft-ietf-add-svcb-dns-08, Internet Engineering Task Force, March 2023. Work in Progress."},{"key":"e_1_2_1_18_1","volume-title":"Internet Engineering Task Force","author":"Davidson Alex","year":"2023","unstructured":"Alex Davidson , Jana Iyengar , and Christopher A. Wood . The Privacy Pass Architecture. Internet-Draft draft-ietf-privacypass-architecture-11 , Internet Engineering Task Force , March 2023 . Work in Progress. Alex Davidson, Jana Iyengar, and Christopher A. Wood. The Privacy Pass Architecture. Internet-Draft draft-ietf-privacypass-architecture-11, Internet Engineering Task Force, March 2023. Work in Progress."},{"key":"e_1_2_1_19_1","volume-title":"Internet Engineering Task Force","author":"Celi Sofia","year":"2023","unstructured":"Sofia Celi , Alex Davidson , Armando Faz-Hernandez , Steven Valdez , and Christopher A. Wood . Privacy Pass Issuance Protocol. Internet-Draft draft-ietf-privacypass-protocol-10 , Internet Engineering Task Force , March 2023 . Work in Progress. Sofia Celi, Alex Davidson, Armando Faz-Hernandez, Steven Valdez, and Christopher A. Wood. Privacy Pass Issuance Protocol. Internet-Draft draft-ietf-privacypass-protocol-10, Internet Engineering Task Force, March 2023. Work in Progress."},{"key":"e_1_2_1_20_1","volume-title":"Internet Engineering Task Force","author":"Pauly Tommy","year":"2023","unstructured":"Tommy Pauly , Steven Valdez , and Christopher A. Wood . The Privacy Pass HTTP Authentication Scheme. Internet-Draft draft-ietf-privacypass-auth-scheme-09 , Internet Engineering Task Force , March 2023 . Work in Progress. Tommy Pauly, Steven Valdez, and Christopher A. Wood. The Privacy Pass HTTP Authentication Scheme. Internet-Draft draft-ietf-privacypass-auth-scheme-09, Internet Engineering Task Force, March 2023. Work in Progress."},{"key":"e_1_2_1_21_1","volume-title":"Internet Engineering Task Force","author":"Hendrickson Scott","year":"2023","unstructured":"Scott Hendrickson , Jana Iyengar , Tommy Pauly , Steven Valdez , and Christopher A. Wood . Rate-Limited Token Issuance Protocol. Internet-Draft draft-ietf-privacypass-rate-limit-tokens-01 , Internet Engineering Task Force , March 2023 . Work in Progress. Scott Hendrickson, Jana Iyengar, Tommy Pauly, Steven Valdez, and Christopher A. Wood. Rate-Limited Token Issuance Protocol. Internet-Draft draft-ietf-privacypass-rate-limit-tokens-01, Internet Engineering Task Force, March 2023. Work in Progress."},{"key":"e_1_2_1_22_1","volume-title":"Internet Engineering Task Force","author":"Pauly Tommy","year":"2023","unstructured":"Tommy Pauly , David Schinazi , Alex Chernyakhovsky , Mirja K\u00fchlewind , and Magnus Westerlund . Proxying IP in HTTP. Internet-Draft draft-ietf-masque-connect-ip-08 , Internet Engineering Task Force , March 2023 . Work in Progress. Tommy Pauly, David Schinazi, Alex Chernyakhovsky, Mirja K\u00fchlewind, and Magnus Westerlund. Proxying IP in HTTP. Internet-Draft draft-ietf-masque-connect-ip-08, Internet Engineering Task Force, March 2023. Work in Progress."},{"key":"e_1_2_1_23_1","first-page":"208","volume-title":"IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops, INFOCOM Workshops","author":"Fontugne Romain","year":"2018","unstructured":"Chia-ling Chan, Romain Fontugne , Kenjiro Cho , and Shigeki Goto . Monitoring TLS adoption using backbone and edge traffic . In IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops, INFOCOM Workshops 2018 , pages 208 -- 213 . Chia-ling Chan, Romain Fontugne, Kenjiro Cho, and Shigeki Goto. Monitoring TLS adoption using backbone and edge traffic. In IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops, INFOCOM Workshops 2018, pages 208--213."},{"key":"e_1_2_1_24_1","volume-title":"NDSS","author":"Siby Sandra","year":"2020","unstructured":"Sandra Siby , Marc Ju\u00e1rez , Claudia D\u00edaz , Narseo Vallina-Rodriguez , and Carmela Troncoso . Encrypted DNS -&gt; Privacy? A Traffic Analysis Perspective . In NDSS , 2020 . Sandra Siby, Marc Ju\u00e1rez, Claudia D\u00edaz, Narseo Vallina-Rodriguez, and Carmela Troncoso. Encrypted DNS -&gt; Privacy? A Traffic Analysis Perspective. In NDSS, 2020."},{"key":"e_1_2_1_25_1","series-title":"Lecture Notes in Computer Science","first-page":"136","volume-title":"Information Security Technology for Applications - 15th Nordic Conference on Secure IT Systems, NordSec","author":"Herrmann Dominik","year":"2010","unstructured":"Dominik Herrmann , Christoph Gerber , Christian Banse , and Hannes Federrath . Analyzing characteristic host access patterns for re-identification of web user sessions . In Information Security Technology for Applications - 15th Nordic Conference on Secure IT Systems, NordSec 2010 , volume 7127 of Lecture Notes in Computer Science , pages 136 -- 154 . Dominik Herrmann, Christoph Gerber, Christian Banse, and Hannes Federrath. Analyzing characteristic host access patterns for re-identification of web user sessions. In Information Security Technology for Applications - 15th Nordic Conference on Secure IT Systems, NordSec 2010, volume 7127 of Lecture Notes in Computer Science, pages 136--154."},{"key":"e_1_2_1_26_1","first-page":"42","volume-title":"IMC '20: ACM Internet Measurement Conference","author":"Moura Giovane C. M.","unstructured":"Giovane C. M. Moura , Sebastian Castro , Wes Hardaker , Maarten Wullink , and Cristian Hesselman . Clouding up the internet: how centralized is DNS traffic becoming? In IMC '20: ACM Internet Measurement Conference , pages 42 -- 49 . Giovane C. M. Moura, Sebastian Castro, Wes Hardaker, Maarten Wullink, and Cristian Hesselman. Clouding up the internet: how centralized is DNS traffic becoming? In IMC '20: ACM Internet Measurement Conference, pages 42--49."},{"key":"e_1_2_1_27_1","volume-title":"Spying on the smart home: Privacy attacks and defenses on encrypted iot traffic. CoRR, abs\/1708.05044","author":"Apthorpe Noah J.","year":"2017","unstructured":"Noah J. Apthorpe , Dillon Reisman , Srikanth Sundaresan , Arvind Narayanan , and Nick Feamster . Spying on the smart home: Privacy attacks and defenses on encrypted iot traffic. CoRR, abs\/1708.05044 , 2017 . Noah J. Apthorpe, Dillon Reisman, Srikanth Sundaresan, Arvind Narayanan, and Nick Feamster. Spying on the smart home: Privacy attacks and defenses on encrypted iot traffic. CoRR, abs\/1708.05044, 2017."},{"key":"e_1_2_1_28_1","volume-title":"A smart home is no castle: Privacy vulnerabilities of encrypted iot traffic. CoRR, abs\/1705.06805","author":"Apthorpe Noah J.","year":"2017","unstructured":"Noah J. Apthorpe , Dillon Reisman , and Nick Feamster . A smart home is no castle: Privacy vulnerabilities of encrypted iot traffic. CoRR, abs\/1705.06805 , 2017 . Noah J. Apthorpe, Dillon Reisman, and Nick Feamster. A smart home is no castle: Privacy vulnerabilities of encrypted iot traffic. CoRR, abs\/1705.06805, 2017."},{"key":"e_1_2_1_29_1","series-title":"Lecture Notes in Computer Science","first-page":"180","volume-title":"Policy-Based Autonomic Data Governance","author":"Le Franck","year":"2018","unstructured":"Franck Le , Jorge Ortiz , Dinesh C. Verma , and Dilip D. Kandlur . Policy-based identification of iot devices' vendor and type by DNS traffic analysis . In Policy-Based Autonomic Data Governance , volume 11550 of Lecture Notes in Computer Science , pages 180 -- 201 , 2018 . Franck Le, Jorge Ortiz, Dinesh C. Verma, and Dilip D. Kandlur. Policy-based identification of iot devices' vendor and type by DNS traffic analysis. In Policy-Based Autonomic Data Governance, volume 11550 of Lecture Notes in Computer Science, pages 180--201, 2018."},{"key":"e_1_2_1_30_1","first-page":"1","article-title":"Specification for DNS over transport layer security (TLS)","volume":"7858","author":"Hu Zi","year":"2016","unstructured":"Zi Hu , Liang Zhu , John S. Heidemann , Allison Mankin , Duane Wessels , and Paul E. Hoffman . Specification for DNS over transport layer security (TLS) . RFC , 7858 : 1 -- 19 , 2016 . https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc7858.txt.pdf. Zi Hu, Liang Zhu, John S. Heidemann, Allison Mankin, Duane Wessels, and Paul E. Hoffman. Specification for DNS over transport layer security (TLS). RFC, 7858:1--19, 2016. https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc7858.txt.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_31_1","first-page":"1","article-title":"DNS queries over HTTPS (doh)","volume":"8484","author":"Hoffman Paul E.","year":"2018","unstructured":"Paul E. Hoffman and Patrick McManus . DNS queries over HTTPS (doh) . RFC , 8484 : 1 -- 21 , 2018 . https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc8484.txt.pdf. Paul E. Hoffman and Patrick McManus. DNS queries over HTTPS (doh). RFC, 8484:1--21, 2018. https:\/\/www.rfc-editor.org\/rfc\/pdfrfc\/rfc8484.txt.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_32_1","first-page":"1","article-title":"DNS over dedicated QUIC connections","volume":"9250","author":"Huitema Christian","year":"2022","unstructured":"Christian Huitema , Sara Dickinson , and Allison Mankin . DNS over dedicated QUIC connections . RFC , 9250 : 1 -- 27 , 2022 . https:\/\/www.rfc-editor.org\/rfc\/rfc9250.pdf. Christian Huitema, Sara Dickinson, and Allison Mankin. DNS over dedicated QUIC connections. RFC, 9250:1--27, 2022. https:\/\/www.rfc-editor.org\/rfc\/rfc9250.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/3544912.3544918"},{"key":"e_1_2_1_34_1","volume-title":"Fragmentation and DoTCP Fallback. In IFIP Networking Conference","author":"Dikshit P.","year":"2023","unstructured":"P. Dikshit , M. Kosek , N. Faulhaber , J. Sengupta , and V. Bajpai . Evaluating DNS Resiliency with Truncation , Fragmentation and DoTCP Fallback. In IFIP Networking Conference , 2023 . P. Dikshit, M. Kosek, N. Faulhaber, J. Sengupta, and V. Bajpai. Evaluating DNS Resiliency with Truncation, Fragmentation and DoTCP Fallback. In IFIP Networking Conference, 2023."},{"key":"e_1_2_1_35_1","doi-asserted-by":"crossref","first-page":"98","DOI":"10.1109\/SP.2014.14","volume-title":"2014 IEEE Symposium on Security and Privacy, SP 2014","author":"Bhargavan Karthikeyan","year":"2014","unstructured":"Karthikeyan Bhargavan , Antoine Delignat-Lavaud , C\u00e9dric Fournet , Alfredo Pironti , and Pierre-Yves Strub . Triple handshakes and cookie cutters: Breaking and fixing authentication over TLS . In 2014 IEEE Symposium on Security and Privacy, SP 2014 , Berkeley, CA, USA, May 18--21 , 2014 , pages 98 -- 113 . IEEE Computer Society, 2014. Karthikeyan Bhargavan, Antoine Delignat-Lavaud, C\u00e9dric Fournet, Alfredo Pironti, and Pierre-Yves Strub. Triple handshakes and cookie cutters: Breaking and fixing authentication over TLS. In 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18--21, 2014, pages 98--113. IEEE Computer Society, 2014."},{"key":"e_1_2_1_36_1","first-page":"81","volume-title":"IEEE European Symposium on Security and Privacy, EuroS&P","author":"Krawczyk Hugo","year":"2016","unstructured":"Hugo Krawczyk and Hoeteck Wee . The OPTLS protocol and TLS 1.3 . In IEEE European Symposium on Security and Privacy, EuroS&P 2016 , pages 81 -- 96 . Hugo Krawczyk and Hoeteck Wee. The OPTLS protocol and TLS 1.3. In IEEE European Symposium on Security and Privacy, EuroS&P 2016, pages 81--96."},{"key":"e_1_2_1_37_1","first-page":"70","volume-title":"WWW '21: The Web Conference","author":"Lee Hyunwoo","year":"2021","unstructured":"Hyunwoo Lee , Doowon Kim , and Yonghwi Kwon . TLS 1. 3 in practice: How TLS 1.3 contributes to the internet . In WWW '21: The Web Conference 2021 , pages 70 -- 79 . Hyunwoo Lee, Doowon Kim, and Yonghwi Kwon. TLS 1.3 in practice: How TLS 1.3 contributes to the internet. In WWW '21: The Web Conference 2021, pages 70--79."},{"key":"e_1_2_1_38_1","first-page":"1","article-title":"Oblivious DNS over HTTPS","volume":"9230","author":"Kinnear Eric","year":"2022","unstructured":"Eric Kinnear , Patrick McManus , Tommy Pauly , Tanya Verma , and Christopher A. Wood . Oblivious DNS over HTTPS . RFC , 9230 : 1 -- 19 , 2022 . https:\/\/www.rfc-editor.org\/rfc\/rfc9230.pdf. Eric Kinnear, Patrick McManus, Tommy Pauly, Tanya Verma, and Christopher A. Wood. Oblivious DNS over HTTPS. RFC, 9230:1--19, 2022. https:\/\/www.rfc-editor.org\/rfc\/rfc9230.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/3503158"},{"key":"e_1_2_1_40_1","first-page":"1","volume-title":"Vaibhav Bajpai. Evaluating Public DNS Services in the Wake of Increasing Centralization of DNS. In IFIP Networking Conference","author":"Doan Trinh Viet","year":"2021","unstructured":"Trinh Viet Doan , Justus Fries , and Vaibhav Bajpai. Evaluating Public DNS Services in the Wake of Increasing Centralization of DNS. In IFIP Networking Conference , pages 1 -- 9 . IEEE, 2021 . Trinh Viet Doan, Justus Fries, and Vaibhav Bajpai. Evaluating Public DNS Services in the Wake of Increasing Centralization of DNS. In IFIP Networking Conference, pages 1--9. IEEE, 2021."},{"key":"e_1_2_1_41_1","first-page":"1","article-title":"A udp-based multiplexed and secure transport","volume":"9000","author":"Iyengar Jana","year":"2021","unstructured":"Jana Iyengar and Martin Thomson . QUIC : A udp-based multiplexed and secure transport . RFC , 9000 : 1 -- 151 , 2021 . https:\/\/www.rfc-editor.org\/rfc\/rfc9000.pdf. Jana Iyengar and Martin Thomson. QUIC: A udp-based multiplexed and secure transport. RFC, 9000:1--151, 2021. https:\/\/www.rfc-editor.org\/rfc\/rfc9000.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.001.2000877"},{"key":"e_1_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2021.3134562"},{"key":"e_1_2_1_44_1","volume-title":"IFIP Networking Conference","author":"Sengupta J.","year":"2023","unstructured":"J. Sengupta , M. Kosek , J. Fries , P. Dikshit , and V. Bajpai . Web Privacy By Design: Evaluating Cross-layer Interactions of QUIC, DNS and H\/3 . In IFIP Networking Conference , 2023 . J. Sengupta, M. Kosek, J. Fries, P. Dikshit, and V. Bajpai. Web Privacy By Design: Evaluating Cross-layer Interactions of QUIC, DNS and H\/3. In IFIP Networking Conference, 2023."},{"key":"e_1_2_1_45_1","volume-title":"IMC. ACM","author":"Elmenhorst Kathrin","year":"2021","unstructured":"Kathrin Elmenhorst , Bertram Sch\u00fctz , Nils Aschenbruck , and Simone Basso . Web censorship measurements of HTTP\/3 over QUIC . In IMC. ACM , 2021 . Kathrin Elmenhorst, Bertram Sch\u00fctz, Nils Aschenbruck, and Simone Basso. Web censorship measurements of HTTP\/3 over QUIC. In IMC. ACM, 2021."},{"key":"e_1_2_1_46_1","first-page":"1","volume":"9114","author":"Bishop Mike","year":"2022","unstructured":"Mike Bishop . HTTP\/3 . RFC , 9114 : 1 -- 57 , 2022 . https:\/\/www.rfc-editor.org\/rfc\/rfc9114.pdf. Mike Bishop. HTTP\/3. RFC, 9114:1--57, 2022. https:\/\/www.rfc-editor.org\/rfc\/rfc9114.pdf.","journal-title":"RFC"},{"key":"e_1_2_1_47_1","first-page":"2561","volume-title":"30th USENIX Security Symposium, USENIX Security","author":"Nakatsuka Yoshimichi","year":"2021","unstructured":"Yoshimichi Nakatsuka , Ercan Ozturk , Andrew Paverd , and Gene Tsudik . CACTI : captcha avoidance via client-side TEE integration . In 30th USENIX Security Symposium, USENIX Security 2021 , pages 2561 -- 2578 . USENIX Association. Yoshimichi Nakatsuka, Ercan Ozturk, Andrew Paverd, and Gene Tsudik. CACTI: captcha avoidance via client-side TEE integration. In 30th USENIX Security Symposium, USENIX Security 2021, pages 2561--2578. USENIX Association."},{"key":"e_1_2_1_48_1","first-page":"435","volume-title":"19th USENIX Security Symposium","author":"Motoyama Marti","year":"2010","unstructured":"Marti Motoyama , Kirill Levchenko , Chris Kanich , Damon McCoy , Geoffrey M. Voelker , and Stefan Savage . Re : Captchas-understanding captcha-solving services in an economic context . In 19th USENIX Security Symposium , pages 435 -- 462 , 2010 . Marti Motoyama, Kirill Levchenko, Chris Kanich, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. Re: Captchas-understanding captcha-solving services in an economic context. In 19th USENIX Security Symposium, pages 435--462, 2010."},{"key":"e_1_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2018-0026"},{"key":"e_1_2_1_50_1","doi-asserted-by":"crossref","first-page":"939","DOI":"10.1145\/3372297.3417292","volume-title":"CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security","author":"Frymann Nick","year":"2020","unstructured":"Nick Frymann , Daniel Gardham , Franziskus Kiefer , Emil Lundberg , Mark Manulis , and Dain Nilsson . Asynchronous remote key generation: An analysis of yubico's proposal for W3C webauthn . In CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security , 2020 , pages 939 -- 954 . Nick Frymann, Daniel Gardham, Franziskus Kiefer, Emil Lundberg, Mark Manulis, and Dain Nilsson. Asynchronous remote key generation: An analysis of yubico's proposal for W3C webauthn. In CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, 2020, pages 939--954."},{"key":"e_1_2_1_51_1","volume-title":"Web authentication: An api for accessing public key credentials level 3. https:\/\/w3c.github.io\/webauthn\/","author":"Jones Emil Lundberg","year":"2022","unstructured":"Emil Lundberg Michael B Jones , Akshay Kumar . Web authentication: An api for accessing public key credentials level 3. https:\/\/w3c.github.io\/webauthn\/ , 2022 . Emil Lundberg Michael B Jones, Akshay Kumar. Web authentication: An api for accessing public key credentials level 3. https:\/\/w3c.github.io\/webauthn\/, 2022."},{"key":"e_1_2_1_52_1","volume-title":"Oblivious HTTP. https:\/\/www.ietf.org\/archive\/id\/draft-ietf-ohai-ohttp-08.html","author":"Thomson M.","year":"2023","unstructured":"M. Thomson and C. A. Wood . Oblivious HTTP. https:\/\/www.ietf.org\/archive\/id\/draft-ietf-ohai-ohttp-08.html , 2023 . M. Thomson and C. A. Wood. Oblivious HTTP. https:\/\/www.ietf.org\/archive\/id\/draft-ietf-ohai-ohttp-08.html, 2023."},{"key":"e_1_2_1_53_1","volume-title":"Magnus Westerlund. Evaluation of QUIC-based MASQUE Proxying. In EPIQ","author":"K\u00fchlewind Mirja","year":"2021","unstructured":"Mirja K\u00fchlewind , Matias Carlander-Reuterfelt , Marcus Ihlar , and Magnus Westerlund. Evaluation of QUIC-based MASQUE Proxying. In EPIQ 2021 . Mirja K\u00fchlewind, Matias Carlander-Reuterfelt, Marcus Ihlar, and Magnus Westerlund. Evaluation of QUIC-based MASQUE Proxying. In EPIQ 2021."},{"key":"e_1_2_1_54_1","volume-title":"Usage statistics of HTTP\/3 for websites. https:\/\/w3techs.com\/technologies\/details\/ce-http3","year":"2023","unstructured":"W3Tech. Usage statistics of HTTP\/3 for websites. https:\/\/w3techs.com\/technologies\/details\/ce-http3 , 2023 . W3Tech. Usage statistics of HTTP\/3 for websites. https:\/\/w3techs.com\/technologies\/details\/ce-http3, 2023."},{"key":"e_1_2_1_55_1","volume-title":"Large scale measurement on the adoption of encrypted DNS. CoRR, abs\/2107.04436","author":"Garc\u00eda Sebasti\u00e1n","year":"2021","unstructured":"Sebasti\u00e1n Garc\u00eda , Karel Hynek , Dmitrii Vekshin , Tom\u00e1s Cejka , and Armin Wasicek . Large scale measurement on the adoption of encrypted DNS. CoRR, abs\/2107.04436 , 2021 . Sebasti\u00e1n Garc\u00eda, Karel Hynek, Dmitrii Vekshin, Tom\u00e1s Cejka, and Armin Wasicek. Large scale measurement on the adoption of encrypted DNS. CoRR, abs\/2107.04436, 2021."},{"key":"e_1_2_1_56_1","volume-title":"Usage statistics of QUIC for websites. https:\/\/w3techs.com\/technologies\/details\/ce-quic","year":"2023","unstructured":"W3Tech. Usage statistics of QUIC for websites. https:\/\/w3techs.com\/technologies\/details\/ce-quic , 2023 . W3Tech. Usage statistics of QUIC for websites. https:\/\/w3techs.com\/technologies\/details\/ce-quic, 2023."},{"key":"e_1_2_1_57_1","doi-asserted-by":"crossref","first-page":"537","DOI":"10.1007\/978-3-030-98785-5_24","volume-title":"Passive and Active Measurement Conference, PAM","volume":"13210","author":"Kosek Mike","year":"2022","unstructured":"Mike Kosek , Trinh Viet Doan , Malte Granderath , and Vaibhav Bajpai . One to Rule Them All? A First Look at DNS over QUIC . In Passive and Active Measurement Conference, PAM , volume 13210 , pages 537 -- 551 . Springer , 2022 . Mike Kosek, Trinh Viet Doan, Malte Granderath, and Vaibhav Bajpai. One to Rule Them All? A First Look at DNS over QUIC. In Passive and Active Measurement Conference, PAM, volume 13210, pages 537--551. Springer, 2022."},{"key":"e_1_2_1_58_1","series-title":"Lecture Notes in Computer Science","first-page":"233","volume-title":"Advances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security","author":"Jarecki Stanislaw","unstructured":"Stanislaw Jarecki , Aggelos Kiayias , and Hugo Krawczyk . Round-optimal password-protected secret sharing and T-PAKE in the password-only model . In Advances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security , volume 8874 of Lecture Notes in Computer Science , pages 233 -- 253 . Stanislaw Jarecki, Aggelos Kiayias, and Hugo Krawczyk. Round-optimal password-protected secret sharing and T-PAKE in the password-only model. In Advances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security, volume 8874 of Lecture Notes in Computer Science, pages 233--253."},{"key":"e_1_2_1_59_1","volume-title":"Passkey support on Android and Chrome. https:\/\/developers.google.com\/identity\/passkeys\/supported-environments","year":"2023","unstructured":"Google. Passkey support on Android and Chrome. https:\/\/developers.google.com\/identity\/passkeys\/supported-environments , 2023 . Google. Passkey support on Android and Chrome. https:\/\/developers.google.com\/identity\/passkeys\/supported-environments, 2023."}],"container-title":["ACM SIGCOMM Computer Communication Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3610381.3610385","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3610381.3610385","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:02Z","timestamp":1750182542000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3610381.3610385"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,4,30]]},"references-count":59,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2023,4,30]]}},"alternative-id":["10.1145\/3610381.3610385"],"URL":"https:\/\/doi.org\/10.1145\/3610381.3610385","relation":{},"ISSN":["0146-4833"],"issn-type":[{"value":"0146-4833","type":"print"}],"subject":[],"published":{"date-parts":[[2023,4,30]]},"assertion":[{"value":"2023-07-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}