At the next OARC workshop:
https://indico.dns-oarc.net/event/25/session/5/contribution/26
A Study of Privacy and Anonymity in the DNS
Speakers
Christopher WOOD
Primary authors
Christopher WOOD (UCI)
Co-authors
Prof. Gene TSUDIK (UCI)
Cesar GHALI (Google)
Content
The need for a private Domain Name System (DNS) has become
increasingly important in recent years. There are several different
proposals to address this growing problem, including DNS-over-TLS and
DNSCurve. The former enables clients to create ephemeral sessions with
either their resolver or authoritative (stub) servers in which queries
can be issued. The latter uses per-query encryption to protect queries
between clients and servers. Encryption is core mechanism used to
enable client privacy in both of these solutions. However, in a recent
study, Shulman showed that encryption alone is insufficient to protect
the privacy of queries. Information leaked in DNS side channels, such
query timing, frequency, and resolution ``chains,'' may reveal the
contents of a query. Moreover, by observing the trust properties of
DNS servers and their responses, an adversary may also learn the
specific record within a domain that was requested.
[...]
_______________________________________________
dns-privacy mailing list
dns-privacy@ietf.org
https://www.ietf.org/mailman/listinfo/dns-privacy
