A Study on TLS-Based Packet Inspection and Its Circumvention Technologies in Future Tactical Network

Woonghee Lee, Junbeom Hur

Research output: Contribution to journalArticlepeer-review

Abstract

This paper introduces TLS-based packet inspection techniques and introduces trends in related circumvetion technologies. First, this paper describes IP blocking, DNS blocking, and SNI filtering, which are representative packet inspection techniques and DNS-over-TLS and DNS-over-HTTPS, which are DNS encryption standard technologies to prevent those techniques. In addition, the advantages and disadvantages of DoT and its detailed characteristics are analyzed and related privacy issues are explained. We also analyze the three technologies, DoT, DoH and DoQ by comparing their characteristics with previous researches. We introduce the standardization progress of SNI encryption technology and discuss about its limitation. Additionally we look at the possibility of future tactical network operations of related standard technologies.

Original languageEnglish
Pages (from-to)1370-1380
Number of pages11
JournalJournal of Korean Institute of Communications and Information Sciences
Volume47
Issue number9
DOIs
Publication statusPublished - 2022 Sept

Bibliographical note

Publisher Copyright:
© 2022, Korean Institute of Communications and Information Sciences. All rights reserved.

Keywords

  • Circumvention
  • DNS encryption
  • Future tactical network
  • Packet Inspection
  • SNI
  • TLS

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems and Management
  • Computer Science (miscellaneous)

Fingerprint

Dive into the research topics of 'A Study on TLS-Based Packet Inspection and Its Circumvention Technologies in Future Tactical Network'. Together they form a unique fingerprint.

Cite this