Enhancement of DNSSec: Including Confidentiality to Name Resolution

DNS is one of the pillars of the Internet, understanding of functioning, performance and efficiency is paramount in building a name-resilient infrastructure that is responsive and resilient. The purpose of this work is to demonstrate that although DNSSEC provides integrity and reliability to the protocol, the question of ensuring that the DNS service that responded to the request is a valid DNS service, queries are still performed in plaintext, thus enabling monitoring and consequently access to all queries and metadata inherent to them by an attacker, that is, there is no confidentiality. We will demonstrate using protocols that are in development such as DNSCrypt, DNS over TLS and DNS over HTTPS, the feasibility of using encryption between the DNS client and the recursive server, thus guaranteeing DNS queries with a slightly longer latency, but within acceptable limits for practical use by a user.