Google Announces Bringing DNS over HTTP/3 to Android

Google has announced that it is bringing support for encrypted DNS-over-HTTP/3 (DoH3) queries to Android. Devices running Android 11 and above will receive the feature via a Google Play system update, and DoH3 will become the default option. Compared with using DNS over TLS by default, this is more secure and better protects user privacy. HTTP/3 mainly speeds up connections by running over UDP.

Android has supported DNS-over-TLS (DoT) connections since version 9.0, up to the latest version. Once this update is pushed, users can choose a faster and safer DoH3 connection.

Both DoH and DoT encrypt DNS requests to prevent sniffing by network operators and intermediaries. Their essential purpose is to protect users' browsing records from being stolen. Of the two, DoT encryption also allows network administrators to identify specific traffic, for example in order to identify and block malicious websites. From a network security perspective, DoT is better.

DoH, on the other hand, hides queries in regular HTTPS traffic, which makes them more difficult to identify, so DoH is better from a pure privacy perspective. DoH3 is a subset of DoH that uses DNS over HTTP/3; HTTP/3 uses QUIC, a UDP-based transport, for faster connections.

“While using HTTPS alone will not reduce the overhead significantly, HTTP/3 uses QUIC, a transport that efficiently multiplexes multiple streams over UDP using a single TLS session with session resumption,” Matthew Maurer and Mike Yu from the Android team said in a post.

At present, most traffic on the internet is still carried over HTTP/2. HTTP/3 is gradually becoming more popular, but it requires support from service providers.

“With the introduction of Rust, we are able to improve both security and the performance at the same time,” Maurer and Yu said. “Likewise, QUIC allows us to improve network performance and privacy simultaneously.”