Understanding the Privacy Implications of ECS

(Extended Abstract)
  • Panagiotis KintisEmail author
  • Yacin Nadji
  • David Dagon
  • Michael Farrell
  • Manos Antonakakis
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9721)


The edns-client-subnet (ECS) is a new extension for the Domain Name System (DNS) that delivers a “faster Internet” with the help of client-specific DNS answers. Under ECS, recursive DNS servers (recursives) provide client network address information to upstream authorities, permitting topologically localized answers for content delivery networks (CDNs). This optimization, however, comes with a privacy penalty that has not yet been studied. Our analysis concludes that ECS makes DNS communications less private: the potential for mass surveillance is greater, and stealthy, highly targeted DNS poisoning attacks become possible.

Despite being an experimental extension, ECS is already deployed, and users are expected to “opt out” on their own. Yet, there are no available client-side tools to do so. We describe a configuration of an experimental recursive tool to reduce the privacy leak from ECS queries in order to immediately allow users to protect their privacy. We recommend the protocol change from “opt out” to “opt in”, given the experimental nature of the extension and its privacy implications.



This material is based upon work supported in part by the US Department of Commerce under grant no. 2106DEK and Sandia National Laboratories grant no. 2106DMU. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the US Department of Commerce nor Sandia National Laboratories.


  1. 1.
    Antonakakis, M., Dagon, D., Luo, X., Perdisci, R., Lee, W., Bellmor, J.: A centralized monitoring infrastructure for improving DNS security. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 18–37. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements. RFC 4033 (Proposed Standard), March 2005., updated by RFCs 6014, 6840
  3. 3.
    Bortzmeyer, S.: DNS Privacy Considerations, April 2014.
  4. 4.
    Calder, M., Fan, X., Hu, Z., Katz-Bassett, E., Heidemann, J., Govindan, R.: Mapping the expansion of Google’s serving infrastructure. In: Proceedings of the 2013 Conference on Internet Measurement Conference, IMC 2013, pp. 313–326. ACM, New York (2013).
  5. 5.
    Contavalli, C., Gaast, W.V.D., Leach, S., Rodden, D.: Client Subnet in DNS Requests (draft-vandergaast-edns-client-subnet-00) (2011).
  6. 6.
    Contavalli, C., Leach, S., Lewis, E., Gaast, W.V.D.: Client subnet in DNS requests (2013)Google Scholar
  7. 7.
    Contavalli, C., Leach, S., Lewis, E., Gaast, W.V.D.: Client Subnet in DNS Requests (draft-vandergaast-edns-client-subnet-02) (2014).
  8. 8.
    Dagon, D., Antonakakis, M., Vixie, P., Jinmei, T., Lee, W.: Increased DNS forgery resistance through 0x20-bit encoding: security via leet queries. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, pp. 211–222. ACM (2008)Google Scholar
  9. 9.
    Electronic Frontier Foundation: Mass Surveillance Technologies (2015).
  10. 10.
    Federrath, H., Fuchs, K.-P., Herrmann, D., Piosecny, C.: Privacy-preserving DNS: analysis of broadcast, range queries and mix-based protection methods. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 665–683. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  11. 11.
    Google: Introduction to Google Public DNS. Accessed 07 Apr 2015
  12. 12.
    Guha, S., Francis, P.: Identity trail: covert surveillance using DNS. In: Borisov, N., Golle, P. (eds.) PET 2007. LNCS, vol. 4776, pp. 153–166. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  13. 13.
    Kaminsky, D.: Black ops 2008: It’s the end of the cache as we know it. Black Hat USA (2008)Google Scholar
  14. 14.
    Krishnan, S., Monrose, F.: DNS prefetching and its privacy implications: when good things go bad. In: Proceedings of the 3rd USENIX Conference on Large-scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More, p. 10. USENIX Association (2010)Google Scholar
  15. 15.
    Mockapetris, P.: Domain names - implementation and specification. RFC 1035 (INTERNET STANDARD), November 1987.
  16. 16.
    OpenDNS: The OpenDNS Global Network Delivers a Secure Connection Every Time, Everywhere (2010).
  17. 17.
    OpenDNS: A Faster Internet (2011).
  18. 18.
    Otto, J.S., Sánchez, M.A., Rula, J.P., Bustamante, F.E.: Content delivery and the natural evolution of DNS: remote DNS trends, performance issues and alternative solutions. In: Proceedings of the 2012 ACM Conference on Internet Measurement Conference, pp. 523–536. ACM (2012)Google Scholar
  19. 19.
    Perdisci, R., Antonakakis, M., Luo, X., Lee, W.: WSEC DNS: protecting recursive DNS resolvers from poisoning attacks. In: IEEE/IFIP International Conference on Dependable Systems & Networks 2009, DSN 2009, pp. 3–12. IEEE (2009)Google Scholar
  20. 20.
    Stewart, J.: DNS cache poisoning-the next generation (2003)Google Scholar
  21. 21.
    Streibelt, F., Böttger, J., Chatzis, N., Smaragdakis, G., Feldmann, A.: Exploring EDNS-client-subnet adopters in your free time. In: Proceedings of the 2013 Conference on Internet Measurement Conference, pp. 305–312. ACM (2013)Google Scholar
  22. 22.
    Zhao, F., Hori, Y., Sakurai, K.: Analysis of privacy disclosure in DNS query. In: International Conference on Multimedia and Ubiquitous Engineering, 2007, MUE 2007, pp. 952–957. IEEE (2007)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Panagiotis Kintis
    • 1
    Email author
  • Yacin Nadji
    • 1
  • David Dagon
    • 1
  • Michael Farrell
    • 2
  • Manos Antonakakis
    • 3
  1. 1.School of Computer ScienceGeorgia Institute of TechnologyAtlantaUSA
  2. 2.Institute for Internet Security and PrivacyGeorgia Institute of TechnologyAtlantaUSA
  3. 3.School of Electrical and Computer EngineeringGeorgia Institute of TechnologyAtlantaUSA

Personalised recommendations