EPT: EDNS Privacy Tunnel for DNS

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 11611)

Abstract

DNS privacy concerns are growing. Recursive resolvers such as ISP DNS and Google Public DNS serve massive numbers of clients, and could easily fingerprint individual users and analyze their domain interests. To mitigate user privacy leaks at recursive resolvers, in this paper we propose an EDNS privacy tunnel (EPT) extension for DNS. EPT hides the query domain name from recursive resolvers through public key encryption, which avoids big data analysis on individual users and defends against censorship and lying recursive resolvers.

Author information

Corresponding author

Correspondence to Lanlan Pan.

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Cite this paper

Pan, L., Chen, J., Hu, A., Yuchi, X. (2019). EPT: EDNS Privacy Tunnel for DNS. In: Wang, G., Feng, J., Bhuiyan, M., Lu, R. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2019. Lecture Notes in Computer Science, vol 11611. Springer, Cham. https://doi.org/10.1007/978-3-030-24907-6_5

  • DOI: https://doi.org/10.1007/978-3-030-24907-6_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-24906-9

  • Online ISBN: 978-3-030-24907-6

  • eBook Packages: Computer Science, Computer Science (R0)
