dns privacy
play

DNS Privacy dnsprivacy.org Sara Dickinson Sinodun (Salesforce, - PowerPoint PPT Presentation

Aug 26, 2023 •150 likes •1.02k views

DNS Privacy dnsprivacy.org Sara Dickinson Sinodun (Salesforce, NLnet Foundation) sara@sinodun.com AFNIC JCSA Paris, France (July 2017) Overview The problem: Why Internet privacy and DNS Privacy are important (DNS

  1. DNS Privacy dnsprivacy.org Sara Dickinson Sinodun (Salesforce, NLnet Foundation) sara@sinodun.com AFNIC JCSA Paris, France (July 2017)

  2. Overview • The problem: Why Internet privacy and DNS Privacy are important (DNS leakage) • Recent Progress: Chart progress during last 3-4 years (DPRIVE) • Where are we now? Present current status and tools July 2017, Paris, France DNS Privacy @ AFNIC JCSA 2

  3. Internet Privacy Slides from: Daniel Kahn Gillmor (ACLU) July 2017, Paris, France DNS Privacy @ AFNIC JCSA 3

  4. Why does internet privacy matter? • Surveillance as social 
 control • Machine learning at scale 
 today means small number 
 of people controlling 
 network can perform 
 mass surveillance July 2017, Paris, France DNS Privacy @ AFNIC JCSA 4

  5. Behaviour changes (even when no-one is watching) July 2017, Paris, France DNS Privacy @ AFNIC JCSA 5

  6. DNS is part of the leaky boat problem July 2017, Paris, France DNS Privacy @ AFNIC JCSA 6

  7. DNS Privacy - A brief history July 2017, Paris, France DNS Privacy @ AFNIC JCSA 7

  8. 
 IETF Privacy activity March 2011 I-D: Privacy Considerations for Internet Protocols (IAB) Snowdon What timing! June 2013 revelations RFC6973: Privacy Considerations for Internet Protocols July 2013 RFC7258 : Pervasive Monitoring is an Attack: 
 “ PM is an attack on the privacy of Internet users May 2014 and organisations .” July 2017, Paris, France DNS Privacy @ AFNIC JCSA 8

  9. RFC 7258 “ PM is an attack on the privacy of Internet users and organisations .” “…that needs to be mitigated where possible, via the design of protocols that make PM significantly more expensive or infeasible . “ July 2017, Paris, France DNS Privacy @ AFNIC JCSA 9

  10. DNS Privacy in 2013? • DNS is 30 year old! [RFC1034/5 (1987)] • Original design availability, redundancy and speed! • DNS is an ‘enabler’ • DNS standards: DNS sent in clear text -> NSA: ‘ MORECOWBELL ’ • UDP (99% of traffic to root) • TCP only for ‘fallback’ (pre 2010) • Perception: The DNS is public, right? It is not sensitive/personal information….it doesn’t need to be protected/encrypted 10 July 2017, Paris, France DNS Privacy @ AFNIC JCSA

  11. DNS Disclosure Example 1 datatracker.ietf.org Root Rec datatracker.ietf.org Auth datatracker.ietf.org for .org Auth for ietf.org datatracker.ietf.org July 2017, Paris, France DNS Privacy @ AFNIC JCSA 11

  12. DNS Disclosure Example 1 datatracker.ietf.org datatracker.ietf.org Leak information Root Rec datatracker.ietf.org Auth datatracker.ietf.org datatracker.ietf.org for .org Auth for ietf.org datatracker.ietf.org July 2017, Paris, France DNS Privacy @ AFNIC JCSA 11

  13. EDNS0 problem • RFC6891 : Extension Mechanisms for DNS (EDNS0) Intended to enhance DNS protocol capabilities • But…. mechanism enabled addition of end-user data into DNS queries (non-standard options) 12 July 2017, Paris, France DNS Privacy @ AFNIC JCSA

  14. EDNS0 problem • RFC6891 : Extension Mechanisms for DNS (EDNS0) Intended to enhance DNS protocol capabilities • But…. mechanism enabled addition of end-user data into DNS queries (non-standard options) ISP justification: Parental Filtering (per user) CDN justification: Faster content (geo location) 12 July 2017, Paris, France DNS Privacy @ AFNIC JCSA

  15. DNS Disclosure Example 2 Parental Filtering ietf.org ? [00:00:53:00:53:00] Auth Rec Stub CPE [User src address] MAC address or id in DNS query July 2017, Paris, France DNS Privacy @ AFNIC JCSA 13

  16. DNS Disclosure Example 2 Parental Filtering CDN Geo-location ietf.org ? ? ietf.org ? [00:00:53:00:53:00] [192.168.1] Auth Rec Stub CPE [User src address] Client Subnet (RFC7871) MAC address or id contains source subnet in DNS query in DNS query July 2017, Paris, France DNS Privacy @ AFNIC JCSA 13

  17. DNS Disclosure Example 2 Auth Rec Stub CPE Even behind a NAT, Even behind a recursive do do not have not have anonymity! anonymity! DNS Privacy Tutorial @ IETF 97 Nov 2016, Seoul 14

  18. DNS Disclosure Example 2 afnic.fr ? parisinfo.com ? dnsreactions.tumblr.com? Auth Rec Stub CPE Even behind a NAT, Even behind a recursive do do not have not have anonymity! anonymity! DNS Privacy Tutorial @ IETF 97 Nov 2016, Seoul 14

  19. DNS Disclosure Example 2 afnic.fr ? afnic.fr ? parisinfo.com ? parisinfo.com ? dnsreactions.tumblr.com? dnsreactions.tumblr.com? Auth Rec Stub CPE Even behind a NAT, Even behind a recursive do do not have not have anonymity! anonymity! DNS Privacy Tutorial @ IETF 97 Nov 2016, Seoul 14

  20. 
 DNS: It’s not just for names • MX records (email domain) • SRV records (services) • OPENPGPKEY (email addresses) • …this is only going to increase…. 
 July 2017, Paris, France DNS Privacy @ AFNIC JCSA 15

  21. 
 DNS: It’s not just for names • MX records (email domain) • SRV records (services) • OPENPGPKEY (email addresses) • …this is only going to increase…. 
 July 2017, Paris, France DNS Privacy @ AFNIC JCSA 15

  22. DNS Disclosure Example 3 • (AUTH) Who monitors or has access here ISP/ government/NSA/Passive DNS? • (AUTH) Does my ISP sell my (anonymous) data? • (UNAUTH) How safe is this data? Root Rec Auth for .org • When at home… • When in a coffee shop… July 2017, Paris, France DNS Privacy @ AFNIC JCSA 16

  23. DNS Disclosure Example 3 • (AUTH) Who monitors or has access here ISP/ Who monitors or has government/NSA/Passive DNS? access here? • (AUTH) Does my ISP sell my (anonymous) data? • (UNAUTH) How safe is this data? Root Rec Auth for .org • When at home… • When in a coffee shop… Who monitors or has access here? July 2017, Paris, France DNS Privacy @ AFNIC JCSA 16

  24. DNS - leakage • Basic problem is leakage of meta data • Allows fingerprinting and re-identification of individuals • Even without user meta data traffic analysis is possible based just on timings and cache snooping • Operators see (and log) your 
 DNS queries 
 DNS Privacy Tutorial @ IETF 97 17 Nov 2016, Seoul

  25. DNS - leakage • Basic problem is leakage of meta data • Allows fingerprinting and re-identification of individuals • Even without user meta data traffic analysis is possible based just on timings and cache snooping • Operators see (and log) your 
 DNS queries 
 DNS Privacy Tutorial @ IETF 97 17 Nov 2016, Seoul

  26. 
 
 DNS Risk Matrix In-Flight At Rest Risk Stub => Rec Rec => Auth At 
 At 
 Recursive Authoritative Passive Monitoring Active Monitoring Other Disclosure Risks e.g. Data breaches July 2017, Paris, France DNS Privacy @ AFNIC JCSA 18

  27. DPRIVE WG et al. July 2017, Paris, France DNS Privacy @ AFNIC JCSA 19

  28. 
 DPRIVE WG • DPRIVE WG create in 2014 
 Charter: Primary Focus is Stub to recursive Why not tackle whole problem? • • Don’t boil the ocean, stepwise solution • Stub to Rec reveals most information • Rec to Auth is a particularly hard problem July 2017, Paris, France DNS Privacy @ AFNIC JCSA 20

  29. DNS Privacy problem Relationship: Root 1 to ‘a few’ some of whom are know (ISP) Relationship: 1 to many most of whom are not known Rec => Authentication is hard Auth for .org July 2017, Paris, France DNS Privacy @ AFNIC JCSA 21

  30. Problem statement: RFC 7626 DNS Privacy Considerations: 
 Expert coverage of risks throughout DNS ecosystem • Rebuts “alleged public nature of DNS data” • The data may be public, but a DNS 
 ‘ transaction ’ is not/should not be. “A typical example from outside the DNS world is: the web site of Alcoholics Anonymous is public; the fact that you visit it should not be.” July 2017, Paris, France DNS Privacy @ AFNIC JCSA 22

  31. Stub/Rec Encryption Options Pros Cons • Port 53 • Downgrade attack on negotiation • Known technique • Port 53 - middleboxes blocking? STARTTLS • Incrementation deployment • Latency from negotiation • New DNS port 
 TLS • New port assignment (no interference with port 53) • Scalability? (new port) • Existing implementations • Truncation of DNS messages • UDP based DTLS (just like UDP) • Not as widely used/ ➡ Fallback to TLS or clear text (new port) deployed ❌ Can’t be standalone solution July 2017, Paris, France DNS Privacy @ AFNIC JCSA 23

  32. Stub/Rec Encryption Options Pros Cons • Port 53 • Downgrade attack on negotiation • Known technique • Port 53 - middleboxes blocking? STARTTLS • Incrementation deployment • Latency from negotiation • New DNS port 
 TLS • New port assignment (no interference with port 53) • Scalability? (new port) • Existing implementations • Truncation of DNS messages • UDP based DTLS (just like UDP) • Not as widely used/ ➡ Fallback to TLS or clear text (new port) deployed ❌ Can’t be standalone solution July 2017, Paris, France DNS Privacy @ AFNIC JCSA 23

Recommend

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals,

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is

1.01k views • 76 slides
Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in

Data privacy: an introduction (part 1) Klara Stokes What is privacy? Privacy has been defined in many ways over the years. Usually privacy is concerned with the individual human being. We may talk about privacy as the control over your own

230 views • 21 slides
Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy

Engineering privacy by design Privacy by Design Let's have it! Information and Privacy Commissioner of Ontario https://www.ipc.on.ca/images/resources/7foundationalprinciples.pdf Privacy by Design Let's have it! Article 25 European

1.32k views • 118 slides
Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy.

Anonymity & Privacy Alice Privacy EU directives (e.g. 95/46/EC) to protect privacy. College Bescherming Persoonsgegevens (CBP) What is privacy? Users must be able to determine for themselves when, how, to what extent and

798 views • 45 slides
Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics

ECE598NB Privacy Enhancing Technologies Spring 2006 Outline Privacy Overview Course Topics Course Structure Privacy Define privacy Privacy History Privacy has always existed Cities / large populations have made

173 views • 14 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor October 29, 2013 y & c S a e v c i u r P r i t e y l b L a a s

245 views • 20 slides
Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance

Privacy engineering, CyLab privacy by design, privacy impact assessments, and privacy governance Engineering & Public Policy Lorrie Faith Cranor November 11, 2014 y & c S a e v c i u r P r i t e y l b L a a s

555 views • 21 slides
Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy

Bridging Privacy Definitions: Differential Privacy and Concepts from Privacy Law & Policy Alexandra Wood Berkman Klein Center for Internet & Society at Harvard University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to

964 views • 54 slides
Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire

Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire

CS 134 Privacy and Anonymity 1 Privacy Privacy and society Basic individual right & desire (Image from geekologie.com) Relevant to corporations & government agencies Recently increased awareness However, general public

171 views • 16 slides
PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches

Marc Langheinrich: Privacy in Ubiquitous Computing 5/29/2010 Todays Menu PRIVACY IN UBIQUITOUS PRIVACY IN UBIQUITOUS Understanding Privacy Technical Approaches COMPUTING Definitions Challenges 1. History and legal aspects 1.

264 views • 13 slides
Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location

Mobile Networks - Module H2 Privacy in Wireless Networks privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; privacy preserving routing in ad hoc networks; Slides adapted from Security and

909 views • 55 slides
Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues

Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues

Simone Fischer-Hbner Privacy October 2006 Overview I. Definition II. Basic Privacy Principles III. Privacy Issues (LBS, RFID,...) IV. European Privacy Legislation/ Directives I. Definition Warren & Brandeis 1890 The right to

694 views • 30 slides
matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy

matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy

Government data matching and the Privacy Act 1988 (Cth) Dimitrios (Jim) Kormas | Assistant Director| Privacy Assessments 17 May 2018 Brief overview of the OAIC, Privacy Act and Australian Privacy Principles (APPs) OAICs involvement

454 views • 16 slides
Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy,

Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy,

Privacy Presentation Task Force on Autonomous Vehicles Subcommittee on Cybersecurity, Privacy, and Data April 18, 2019 The Pessimistic View (or, Privacy is Dead) Internet Privacy A More Realistic View Privacy Monetization Convenience

355 views • 9 slides
Privacy September 26 th , 2018 Have you ever felt as though your u privacy was violated? u When?

Privacy September 26 th , 2018 Have you ever felt as though your u privacy was violated? u When?

CS4001: Computing, Society and Professionalism Sauvik Das | Assistant Professor Privacy September 26 th , 2018 Have you ever felt as though your u privacy was violated? u When? How?* Privacy * Dont need to share specifics, just u

427 views • 29 slides
Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy

Differential Privacy (Part III) Approximate (or ( , ))-differential privacy Generalized definition of differential privacy allowing for a (supposedly small) additive factor Used in a variety of applications A query mechanism M is (

1.27k views • 43 slides
Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

Beneficial ownership transparency, Title Page privacy and data protection 23 October Presented by Tom Walker tom@theengineroom.org @thomwithoutanh Who we are: Tom Walker // @thomwithoutanh Privacy The right to privacy : individuals should be

702 views • 13 slides
CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local

CS573 Data Privacy and Security Local Differential Privacy Li Xiong Privacy at Scale: Local Differential Privacy in Practice (Module 1) Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang Differential

819 views • 38 slides
Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole

Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole

Differential privacy and applications to location privacy Catuscia Palamidessi INRIA & Ecole Polytechnique 1 Plan of the talk General introduction to privacy issues A naive approach to privacy protection: anonymization Why it

740 views • 44 slides

More recommend