Abstract
DNS privacy concerns are growing. Recursive resolvers such as ISP DNS and Google Public DNS serve massive numbers of clients, and could easily fingerprint individual users and analyze the domains those users are interested in. To mitigate user privacy leaks at recursive resolvers, in this paper we propose an EDNS privacy tunnel (EPT) extension for DNS. EPT can hide the query domain name from recursive resolvers through public key encryption, avoid big data analysis of individual users, and defend against censorship and lying recursive resolvers.
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Pan, L., Chen, J., Hu, A., Yuchi, X. (2019). EPT: EDNS Privacy Tunnel for DNS. In: Wang, G., Feng, J., Bhuiyan, M., Lu, R. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2019. Lecture Notes in Computer Science, vol 11611. Springer, Cham. https://doi.org/10.1007/978-3-030-24907-6_5
DOI: https://doi.org/10.1007/978-3-030-24907-6_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24906-9
Online ISBN: 978-3-030-24907-6
eBook Packages: Computer Science (R0)