Oblivious DNS: Practical privacy for DNS queries: Published in PoPETS 2019

Paul Schmitt, Anne Edmundson, Allison Mankin, Nick Feamster

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Virtually every Internet communication typically involves a Domain Name System (DNS) lookup for the destination server that the client wants to communicate with. Operators of DNS recursive resolvers - the machines that receive a client's query for a domain name and resolve it to a corresponding IP address - can learn significant information about client activity. Recognizing the privacy vulnerabilities associated with DNS queries, various third parties have created alternate DNS services that obscure a user's DNS queries from his or her Internet service provider. Yet, these systems merely transfer trust to a different third party. We argue that no single party ought to be able to associate DNS queries with a client IP address that issues those queries. To this end, we present Oblivious DNS (ODNS), which introduces an additional layer of obfuscation between clients and their queries. To do so, ODNS uses its own authoritative namespace; the authoritative servers for the ODNS namespace act as recursive resolvers for the DNS queries that they receive, but they never see the IP addresses for the clients that initiated these queries. Our experiments using a prototype show that ODNS introduces minimal performance overhead, both for individual queries and for web page loads. Critically, we design ODNS to be compatible with existing DNS infrastructure.

Original languageEnglish (US)
Title of host publicationANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop
PublisherAssociation for Computing Machinery, Inc
Pages17-19
Number of pages3
ISBN (Electronic)9781450368483
DOIs
StatePublished - Jul 22 2019
Event2019 Applied Networking Research Workshop, ANRW 2019 - Montreal, Canada
Duration: Jul 22 2019 → …

Publication series

NameANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop

Conference

Conference2019 Applied Networking Research Workshop, ANRW 2019
CountryCanada
CityMontreal
Period7/22/19 → …

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Information Systems

Fingerprint Dive into the research topics of 'Oblivious DNS: Practical privacy for DNS queries: Published in PoPETS 2019'. Together they form a unique fingerprint.

  • Cite this

    Schmitt, P., Edmundson, A., Mankin, A., & Feamster, N. (2019). Oblivious DNS: Practical privacy for DNS queries: Published in PoPETS 2019. In ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop (pp. 17-19). (ANRW 2019 - Proceedings of the 2019 Applied Networking Research Workshop). Association for Computing Machinery, Inc. https://doi.org/10.1145/3340301.3341128