Every Web session involves a DNS resolution. While, in the last
decade, we witnessed a promising trend towards an encrypted Web in general,
DNS encryption has only recently gained traction with the standardisation of
DNS over TLS (DoT) and DNS over HTTPS (DoH). Meanwhile, the rapid rise of QUIC
deployment has now opened up an exciting opportunity to utilise the same
protocol to not only encrypt Web communications, but also DNS. In this paper,
we evaluate this benefit of using QUIC to coalesce name resolution via DNS
over QUIC (DoQ), and Web content delivery via HTTP/3 (H3) with 0-RTT. We
compare this scenario using several possible combinations where H3 is used in
conjunction with DoH and DoQ, as well as the unencrypted DNS over UDP (DoUDP).
We observe that, when using H3 1-RTT, page load times with DoH can get
inflated by >30% over fixed-line and by >50% over mobile when compared to
unencrypted DNS with DoUDP. However, this cost of encryption can be
drastically reduced when encrypted connections are coalesced (DoQ + H3 0-RTT),
thereby reducing the page load times by 1/3 over fixed-line and 1/2 over
mobile, overall making connection coalescing with QUIC the best option for
encrypted communication on the Internet.
%0 Journal Article
%1 10486930
%A Sengupta, Jayasree
%A Kosek, Mike
%A Fries, Justus
%A Ferlin-Reiter, Simone
%A Bajpai, Vaibhav
%D 2024
%J IEEE Transactions on Network and Service Management
%K Name Protocols;Domain System;Privacy;Servers;IP computing;QUIC;Web;HTTP/3;DNS networks;Encryption;Cloud
%P 1-1
%R 10.1109/TNSM.2024.3383787
%T On Cross-Layer Interactions of QUIC, Encrypted DNS and HTTP/3: Design, Evaluation and Dataset
%X Every Web session involves a DNS resolution. While, in the last
decade, we witnessed a promising trend towards an encrypted Web in general,
DNS encryption has only recently gained traction with the standardisation of
DNS over TLS (DoT) and DNS over HTTPS (DoH). Meanwhile, the rapid rise of QUIC
deployment has now opened up an exciting opportunity to utilise the same
protocol to not only encrypt Web communications, but also DNS. In this paper,
we evaluate this benefit of using QUIC to coalesce name resolution via DNS
over QUIC (DoQ), and Web content delivery via HTTP/3 (H3) with 0-RTT. We
compare this scenario using several possible combinations where H3 is used in
conjunction with DoH and DoQ, as well as the unencrypted DNS over UDP (DoUDP).
We observe, that when using H3 1-RTT, page load times with DoH can get
inflated by >30% over fixed-line and by >50% over mobile when compared to
unencrypted DNS with DoUDP. However, this cost of encryption can be
drastically reduced when encrypted connections are coalesced (DoQ + H3 0-RTT),
thereby reducing the page load times by 1/3 over fixed-line and 1/2 over
mobile, overall making connection coalescing with QUIC the best option for
encrypted communication on the Internet.
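% Journal article (IEEE Transactions on Network and Service Management, 2024)
% evaluating page load times when DNS over QUIC (DoQ) and HTTP/3 0-RTT are
% coalesced over QUIC, compared with DoH and unencrypted DoUDP.
% The doi field is the stable locator for this record.
% Percent signs in the abstract are escaped so that a style which prints the
% abstract does not treat the rest of the line as a TeX comment; acronyms in
% the title are braced so sentence-casing styles keep their capitals.
% NOTE(review): pages 1--1 looks like a placeholder, and the keyword terms
% appear shuffled by the export (e.g. "Name Protocols", "Domain System");
% confirm both against the publisher record for the DOI before citing.
@article{10486930,
  abstract = {Every Web session involves a DNS resolution. While, in the last
decade, we witnessed a promising trend towards an encrypted Web in general,
DNS encryption has only recently gained traction with the standardisation of
DNS over TLS (DoT) and DNS over HTTPS (DoH). Meanwhile, the rapid rise of QUIC
deployment has now opened up an exciting opportunity to utilise the same
protocol to not only encrypt Web communications, but also DNS. In this paper,
we evaluate this benefit of using QUIC to coalesce name resolution via DNS
over QUIC (DoQ), and Web content delivery via HTTP/3 (H3) with 0-RTT. We
compare this scenario using several possible combinations where H3 is used in
conjunction with DoH and DoQ, as well as the unencrypted DNS over UDP (DoUDP).
We observe, that when using H3 1-RTT, page load times with DoH can get
inflated by >30\% over fixed-line and by >50\% over mobile when compared to
unencrypted DNS with DoUDP. However, this cost of encryption can be
drastically reduced when encrypted connections are coalesced (DoQ + H3 0-RTT),
thereby reducing the page load times by 1/3 over fixed-line and 1/2 over
mobile, overall making connection coalescing with QUIC the best option for
encrypted communication on the Internet.},
  added-at = {2024-04-23T14:07:45.000+0200},
  author = {Sengupta, Jayasree and Kosek, Mike and Fries, Justus and Ferlin-Reiter, Simone and Bajpai, Vaibhav},
  biburl = {https://www.bibsonomy.org/bibtex/29d14c9894afd7370a847cea7f71c2ee7/hpi-hiic},
  doi = {10.1109/TNSM.2024.3383787},
  interhash = {42a06180a379013c43364299b0086037},
  intrahash = {9d14c9894afd7370a847cea7f71c2ee7},
  issn = {1932-4537},
  journal = {IEEE Transactions on Network and Service Management},
  keywords = {Name Protocols;Domain System;Privacy;Servers;IP computing;QUIC;Web;HTTP/3;DNS networks;Encryption;Cloud},
  pages = {1--1},
  timestamp = {2024-04-23T14:07:45.000+0200},
  title = {On Cross-Layer Interactions of {QUIC}, Encrypted {DNS} and {HTTP/3}: Design, Evaluation and Dataset},
  year = 2024
}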