I am really interested to know the opinion of people about the comparison of the following cases:
consider a scenario where someone only hides the source of traffic using any approach (presume it can be onion based approaches, etc.) without encryption. In this scenario a DNS server receive from an anonymous network or user (because the IP address was hidden behind several nodes). For example DNS server receives something like example.com from anonymous entity. Now please compare the above scenario to the scenario where you have encryption only. For this comparison please use different factors such as DoS, performance (client, server), delay, any other factor that you can add. For this comparison, please consider different attack scenarios by presuming that the surveillance actor have access to all traffic and the cases where he doesn't have access to all traffic. In former case, for example, he logs all information in the DNS server. Another example is that he monitors all traffic and the third example is the interception of traffic by any intermediate device. In latter case, he is somewhere in other network or might not have access to all traffic. Advantages of using encryption ---------------------------- Passive attack: Active attack: Disadvantages of using encryption -------------------------- Passive attack: Active attack: Advantages of hiding only source of traffic without encryption (anonymous user or network sending request to a DNS server) ----------------------------------- Passive attack: Active attack: Disadvantage of hiding only the source of traffic without encryption ------------------------------------- Passive attack: Active attack: Advantage of combining both approaches ---------------------------------- Passive attack: Active attack: Disadvantage of combining both approaches ---------------------------------- Passive attack: Active attack: Thanks, Best, Hosnieh _______________________________________________ dns-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/dns-privacy
