dns privacy
play

DNS Privacy dnsprivacy.org Sara Dickinson Sinodun sara@sinodun.com - PowerPoint PPT Presentation

Feb 09, 2024 •417 likes •1.06k views

DNS Privacy dnsprivacy.org Sara Dickinson Sinodun sara@sinodun.com RMLL, Saint-tienne, France July 2017 Overview The problem: Why Internet privacy and DNS Privacy are

  1. DNS Privacy dnsprivacy.org Sara Dickinson Sinodun sara@sinodun.com RMLL, Saint-Étienne, France July 2017

  2. Overview • The problem: Why Internet privacy and DNS Privacy are important (DNS leakage) • Recent Progress: Chart progress during last 3-4 years (DPRIVE) in open standards and open source software • Where are we now? Present current status and tools DNS Privacy @ RMLL July 2017 2

  3. 
 IETF Open Standards and Privacy March 2011 I-D: Privacy Considerations for Internet Protocols (IAB) Snowdon What timing! June 2013 revelations RFC6973: Privacy Considerations for Internet Protocols July 2013 RFC7258 : Pervasive Monitoring is an Attack: 
 “ PM is an attack on the privacy of Internet users May 2014 and organisations .” DNS Privacy @ RMLL July 2017 3

  4. DNS Privacy - A brief history DNS Privacy @ RMLL July 2017 4

  5. DNS is part of the Internet ‘leaky boat’ problem DNS Privacy @ RMLL July 2017 5

  6. DNS Privacy (in 2013) • DNS is 30 year old! [RFC1034/5 (1987)] • Original design: availability, redundancy and speed! • DNS is an ‘enabler’ • DNS standards: DNS sent in clear text • UDP (99% of traffic to root) NSA: MORECOWBELL • TCP only for ‘fallback’ (pre 2010) • Perception: The DNS is public, right? It is not sensitive/personal information….it doesn’t need to be protected/encrypted DNS Privacy @ RMLL July 2017 6

  7. DNS Disclosure Example 1 Root Rec Auth for .org Auth for ietf.org DNS Privacy @ RMLL July 2017 7

  8. DNS Disclosure Example 1 Root Rec Auth for .org Auth for Stub ietf.org DNS Privacy @ RMLL July 2017 7

  9. DNS Disclosure Example 1 Root Rec Auth for .org Auth for Stub Recursive ietf.org DNS Privacy @ RMLL July 2017 7

  10. DNS Disclosure Example 1 Root Rec Auth for .org Auth for Stub Recursive ietf.org Authoritative DNS Privacy @ RMLL July 2017 7

  11. DNS Disclosure Example 1 Root Rec Auth for .org Auth for ietf.org DNS Privacy @ RMLL July 2017 7

  12. DNS Disclosure Example 1 Root Rec datatracker.ietf.org Auth for .org Auth for ietf.org DNS Privacy @ RMLL July 2017 7

  13. DNS Disclosure Example 1 datatracker.ietf.org Root Rec datatracker.ietf.org Auth datatracker.ietf.org for .org Auth for ietf.org datatracker.ietf.org DNS Privacy @ RMLL July 2017 7

  14. DNS Disclosure Example 1 datatracker.ietf.org datatracker.ietf.org Leak information Root Rec datatracker.ietf.org Auth datatracker.ietf.org datatracker.ietf.org for .org Auth for ietf.org datatracker.ietf.org DNS Privacy @ RMLL July 2017 7

  15. EDNS0 problem • RFC6891 (2013): Extension Mechanisms for DNS (EDNS0) Intended to enhance DNS protocol capabilities • But…. mechanism enabled addition of end-user data into DNS queries (non-standard options) 8 DNS Privacy @ RMLL July 2017

  16. EDNS0 problem • RFC6891 (2013): Extension Mechanisms for DNS (EDNS0) Intended to enhance DNS protocol capabilities • But…. mechanism enabled addition of end-user data into DNS queries (non-standard options) ISP justification: Parental Filtering (per user) CDN justification: Faster content (geo location) 8 DNS Privacy @ RMLL July 2017

  17. DNS Disclosure Example 2 Parental Filtering ietf.org ? [00:00:53:00:53:00] Auth Rec Stub CPE [User src address] MAC address or id in DNS query DNS Privacy @ RMLL July 2017 9

  18. DNS Disclosure Example 2 Parental Filtering CDN Geo-location ietf.org ? ? ietf.org ? [00:00:53:00:53:00] [192.168.1] Auth Rec Stub CPE [User src address] Client Subnet (RFC7871) MAC address or id contains source subnet in DNS query in DNS query DNS Privacy @ RMLL July 2017 9

  19. DNS Disclosure Example 2 Auth Rec Stub CPE Even behind a NAT, Even behind a recursive do do not have not have anonymity! anonymity! DNS Privacy Tutorial @ IETF 97 Nov 2016, Seoul 10

  20. DNS Disclosure Example 2 afnic.fr ? parisinfo.com ? dnsreactions.tumblr.com? Auth Rec Stub CPE Even behind a NAT, Even behind a recursive do do not have not have anonymity! anonymity! DNS Privacy Tutorial @ IETF 97 Nov 2016, Seoul 10

  21. DNS Disclosure Example 2 afnic.fr ? afnic.fr ? parisinfo.com ? parisinfo.com ? dnsreactions.tumblr.com? dnsreactions.tumblr.com? Auth Rec Stub CPE Even behind a NAT, Even behind a recursive do do not have not have anonymity! anonymity! DNS Privacy Tutorial @ IETF 97 Nov 2016, Seoul 10

  22. 
 DNS: It’s not just for names • MX records (email domain) • SRV records (services) • OPENPGPKEY (email addresses) • …this is only going to increase…. 
 DNS Privacy @ RMLL July 2017 11

  23. 
 DNS: It’s not just for names • MX records (email domain) • SRV records (services) • OPENPGPKEY (email addresses) • …this is only going to increase…. 
 DNS Privacy @ RMLL July 2017 11

  24. DNS Disclosure Example 3 • (AUTH) Who monitors or has access here ISP/ government/NSA/Passive DNS? • (AUTH) Does my ISP sell my (anonymous) data? • (UNAUTH) How safe is this data? Root Rec Auth for .org • When at home… • When in a coffee shop… DNS Privacy @ RMLL July 2017 12

  25. DNS Disclosure Example 3 • (AUTH) Who monitors or has access here ISP/ Who monitors or has government/NSA/Passive DNS? access here? • (AUTH) Does my ISP sell my (anonymous) data? • (UNAUTH) How safe is this data? Root Rec Auth for .org • When at home… • When in a coffee shop… Who monitors or has access here? DNS Privacy @ RMLL July 2017 12

  26. DNS - leakage • Basic problem is leakage of meta data • Allows fingerprinting and re-identification of individuals • Even without user meta data traffic analysis is possible based just on timings and cache snooping • Operators see (and log) your 
 DNS queries DNS Privacy Tutorial @ IETF 97 13 Nov 2016, Seoul

  27. DNS - leakage • Basic problem is leakage of meta data • Allows fingerprinting and re-identification of individuals • Even without user meta data traffic analysis is possible based just on timings and cache snooping • Operators see (and log) your 
 DNS queries DNS Privacy Tutorial @ IETF 97 13 Nov 2016, Seoul

  28. 
 
 DNS Risk Matrix In-Flight At Rest Risk Stub => Rec Rec => Auth At 
 At 
 Recursive Authoritative Passive Monitoring Active Monitoring Other Disclosure Risks e.g. Data breaches DNS Privacy @ RMLL July 2017 14

  29. DPRIVE WG et al. DNS Privacy @ RMLL July 2017 15

  30. 
 IETF DPRIVE WG • DPRIVE WG create in 2014 
 Charter: Primary Focus is Privacy 
 for Stub to recursive Why not tackle whole problem? • • Don’t boil the ocean, stepwise solution • Stub to Rec reveals most information • Rec to Auth is a particularly hard problem DNS Privacy @ RMLL July 2017 16

  31. Problem statement: RFC 7626 DNS Privacy Considerations: 
 Expert coverage of risks throughout DNS ecosystem • Rebuts “alleged public nature of DNS data” • The data may be public, but a DNS 
 ‘ transaction ’ is not/should not be. “A typical example from outside the DNS world is: the web site of Alcoholics Anonymous is public; the fact that you visit it should not be.” DNS Privacy @ RMLL July 2017 17

  32. Stub/Rec Encryption Options Pros Cons • Port 53 • Downgrade attack on negotiation • Known technique • Port 53 - middleboxes blocking? STARTTLS • Incrementation deployment • Latency from negotiation • New DNS port 
 TLS • New port assignment (no interference with port 53) • Scalability? (new port) • Existing implementations • Truncation of DNS messages • UDP based DTLS (just like UDP) • Not as widely used/ ➡ Fallback to TLS or clear text (new port) deployed ❌ Can’t be standalone solution DNS Privacy @ RMLL July 2017 18

  33. Stub/Rec Encryption Options Pros Cons • Port 53 • Downgrade attack on negotiation • Known technique • Port 53 - middleboxes blocking? STARTTLS • Incrementation deployment • Latency from negotiation • New DNS port 
 TLS • New port assignment (no interference with port 53) • Scalability? (new port) • Existing implementations • Truncation of DNS messages • UDP based DTLS (just like UDP) • Not as widely used/ ➡ Fallback to TLS or clear text (new port) deployed ❌ Can’t be standalone solution DNS Privacy @ RMLL July 2017 18

  34. Stub/Rec Encryption Options Pros Cons • Port 53 • Downgrade attack on negotiation • Known technique • Port 53 - middleboxes blocking? STARTTLS • Incrementation deployment • Latency from negotiation • New DNS port 
 TLS • New port assignment (no interference with port 53) • Scalability? (new port) • Existing implementations • Truncation of DNS messages • UDP based DTLS (just like UDP) • Not as widely used/ ➡ Fallback to TLS or clear text (new port) deployed ❌ Can’t be standalone solution DNS Privacy @ RMLL July 2017 18

  35. Encrypted DNS ‘TODO’ list 1. Get a new port 2. DNS-over-TCP/TLS: Address issues in standards and implementations 3. Tackle authentication of DNS servers (bootstrap problem) 4. What about traffic analysis of encrypted traffic - msg size & timing still tell a lot! DNS Privacy @ RMLL July 2017 19

Recommend

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in many ways over the years. Usually privacy is concerned with the individual human being. We may talk about privacy as the control over your own

230 views • 21 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy. College Bescherming Persoonsgegevens (CBP) What is privacy? Users must be able to determine for themselves when, how, to what extent and

798 views • 45 slides
Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

ECE598NB Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics Course Structure Privacy Define privacy Privacy History Privacy has always existed Cities / large populations have made

173 views • 14 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s

245 views • 20 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

555 views • 21 slides
Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy Alexandra Wood Berkman Klein Center for Internet & Society at Harvard University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to

964 views • 54 slides
Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire

Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire

CS 134 Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire (Image from geekologie.com) Relevant to corporations & government agencies Recently increased awareness However, general public

171 views • 16 slides
PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Todays Menu PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches COMPUTING Definitions Challenges 1. History and legal aspects 1.

264 views • 13 slides
Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Mobile Networks - Module H2 Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; privacy preserving routing in ad hoc networks; Slides adapted from Security and

909 views • 55 slides
Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues

Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues

Simone Fischer-Hbner Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues (LBS, RFID,...) IV. European Privacy Legislation/ Directives I. Definition Warren & Brandeis 1890 The right to

694 views • 30 slides
matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy

matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy

Government data matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy Assessments 17 May 2018 Brief overview of the OAIC, Privacy Act and Australian Privacy Principles (APPs) OAICs involvement

454 views • 16 slides
Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy,

Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy,

Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy, and Data April 18, 2019 The Pessimistic View (or, Privacy is Dead) Internet Privacy A More Realistic View Privacy Monetization Convenience

355 views • 9 slides
Privacy September 26 th , 2018 Have you ever felt as though your u privacy was violated? u When?

Privacy September 26 th , 2018 Have you ever felt as though your u privacy was violated? u When?

CS4001: Computing, Society and Professionalism Sauvik Das | Assistant Professor Privacy September 26 th , 2018 Have you ever felt as though your u privacy was violated? u When? How?* Privacy * Dont need to share specifics, just u

427 views • 29 slides
Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy Generalized definition of differential privacy allowing for a (supposedly small) additive factor Used in a variety of applications A query mechanism M is (

1.27k views • 43 slides
Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

Beneficial ownership transparency, Title Page privacy and data protection 23 October Presented by Tom Walker tom@theengineroom.org @thomwithoutanh Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

702 views • 13 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole

Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole

Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole Polytechnique 1 Plan of the talk General introduction to privacy issues A naive approach to privacy protection: anonymization Why it

740 views • 44 slides

More recommend