On Sat, Oct 25, 2014 at 12:40 PM, Stephane Bortzmeyer <[email protected]> wrote:
> On Sat, Oct 25, 2014 at 12:08:07PM -0700,
> Watson Ladd <[email protected]> wrote
> a message of 37 lines which said:
>
>> Can we actually solve this problem?
>
> "Privacy" is not binary. We do not try to make it impossible for the
> attacker to learn things, just to make it more difficult than it is.

This is why proposals should be clear about who they protect against: most do not protect against DNS servers or DNS caches, and so most don't actually protect against malicious ISPs or other entities that provide DNS resolution. Some proposals don't even protect against observers in certain parts of the network.

>
>> Yes: there are PIR protocols that force an attacker to compromise
>> multiple independent parties to learn the results of a query.
>
>> Many of these PIR protocols are very efficient.
>
> Do you have more specific references?

http://cacr.uwaterloo.ca/techreports/2010/cacr2010-17.pdf
https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final90.pdf

Sincerely,
Watson Ladd
>

--
"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
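The property mentioned in the thread, that a PIR query only leaks if multiple independent parties are compromised, can be seen in the simplest two-server XOR construction. The sketch below is an added example, not code from the message or from the linked papers; the record table, the names, and the assumption that the client already knows the public name-to-index mapping are all constructed for illustration.

```python
import secrets

# Constructed sample database: fixed-width records, replicated on both servers.
RECORD_LEN = 16
NAMES = ["example.com", "example.net", "example.org", "example.edu"]
DB = [f"192.0.2.{i + 1}".encode().ljust(RECORD_LEN, b"\0") for i in range(len(NAMES))]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_queries(index: int, n: int) -> tuple[list[int], list[int]]:
    """Client: split the wanted index into two selection vectors.

    q1 is uniformly random; q2 is q1 with bit `index` flipped. Each vector
    on its own is uniformly distributed and independent of `index`; only a
    party holding both can compare them and recover the index.
    """
    q1 = [secrets.randbelow(2) for _ in range(n)]
    q2 = list(q1)
    q2[index] ^= 1
    return q1, q2


def server_answer(db: list[bytes], query: list[int]) -> bytes:
    """Server: XOR together every record the query vector selects."""
    acc = bytes(RECORD_LEN)
    for record, bit in zip(db, query):
        if bit:
            acc = xor_bytes(acc, record)
    return acc


def pir_lookup(name: str) -> str:
    """Client: fetch the record for `name` from two non-colluding servers."""
    index = NAMES.index(name)  # assumed public name-to-index mapping
    q1, q2 = make_queries(index, len(DB))
    a1 = server_answer(DB, q1)  # q1 goes to server 1
    a2 = server_answer(DB, q2)  # q2 goes to server 2, run by a different party
    # Records selected by both vectors cancel; only DB[index] remains.
    return xor_bytes(a1, a2).rstrip(b"\0").decode()


if __name__ == "__main__":
    print(pir_lookup("example.org"))
```

Each server touches the whole table per query, so the privacy comes at a cost linear in the database size for this basic construction.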
