how to get a trustworthy dns privacy enabling recursive
play

How to get a trustworthy DNS Privacy enabling recursive resolver - PowerPoint PPT Presentation

Sep 15, 2023 •102 likes •321 views

How to get a trustworthy DNS Privacy enabling recursive resolver an analysis of authentication mechanisms for DNS Privacy enabling recursive resolvers Benno Overeinder Melinda Shore Willem Toorop Fastly NLnet Labs NLnet Labs (presenter)

  1. How to get a trustworthy DNS Privacy enabling recursive resolver an analysis of authentication mechanisms for DNS Privacy enabling recursive resolvers Benno Overeinder Melinda Shore Willem Toorop Fastly NLnet Labs NLnet Labs (presenter)

  2. DNS over TLS What are the actors, and what are their relationships? Current Spec (RFC7858) focuses on securing stub to recursive traffic ● local network (DHCP) (wifi) Authoritative Stub resolver Privacy enabling Authoritative recursive resolver Authoritative TLS from the system stub client to a privacy enabling recursive resolver can withstand ● he power and capabilities of a passive pervasive monitor (i.e. an eavesdropper) The user entrusts her queries with the Privacy enabling recursive resolver ● How did the stub resolver learn the recursive resolver? (traditionally via DHCP ) ●

  3. DNS over TLS What are the actors, and what are their relationships? Current Spec (RFC7858) focuses on securing stub to recursive traffic ● dnsovertls.sinodun.com Authoritative Privacy enabling Stub resolver recursive resolver Gateway Authoritative DNSSEC DNSSEC Authoritative User trusts the channel (Verbally? Website?) over which the connection end-point ● (IP-address? Name?) was communicated (what is most reliable to get right, name or IP?) How to get the IP-address for a name securely, and privately (what is acceptable to leak?) ● Trust the DNSSEC root trust-anchor + provisioning channel + TLD of the name ? ●

  4. Authentication TLS from stub to resolver cat withstand the power and capabilities of an eavesdropper, ● it does not withstand an attacker that plugs itself into the path local network (wifi) Authoritative Stub resolver Privacy enabling recursive resolver Gateway Authoritative Authoritative malicious Gateway/ resolver Trust in the network can be replaced with authentication ● In RFC7858 and draft-ietf-dtls-and-tls-profiles authenticated TLS is called Strict . ● Oppertunistic is the best you can get modus operandi ●

  5. Analysis of authentication mechanisms Analyzed mechanisms: (from draft-ietf-dprive-dtls-and-tls-profiles) ● SubjectPublicKeyInfo pinning … SPKI – Traditional Public Key Infrastructure for X.509 Certificates – Statically configured Authentication Domain Name and IP address … PKIX ADN + IP ● Statically configured Authentication Domain Name + dynamically obtained IP … PKIX ADN only ● DNS Based Authentication of Named Entities … DANE – TLS DNSSEC Authentication Chain Extension – There are key trade-offs between ● Usability & provision flexibility (important for adoption and correct usage) – meta queries leaking information in these mechanisms – Requirements on additional dependencies (fewer deps, less can break; i.e. Robustness) – Availability of unhampered DNSSEC and DNSSEC capable stub resolver ● Third parties (Trust anchor/CA store) that do the authentication ●

  6. Analysis of authentication mechanisms 1 2 3 4 5 SPKI PKIX ADN + IP PKIX ADN only DANE Chain Extension We did an analysis on the basis of these considerations: ● 1) Ease of configuration … Least possible config to identify the trusted recursive resolver 2) Key management … Can it handle updated, rolled or withdrawn keys 3) Information leakage … Leaks info about the trusted recursive resolver, via DNS or SNI 4) DNSSEC dependency … Needs DNSSEC availability and capability for bootstrapping 5) Trust requirements … Dependencies and maintainability on Trust Anchor and/or CA store

  7. SubjectPublicKeyInfo (SPKI) pinning IP address: 2001:610:1:40ba:145:100:185:15 SPKI pinset: 62lKu9HsDVbyiPenApnc4sfmSYTHOVfFgL3pyB+cBL4= Authoritative Privacy enabling Stub resolver recursive resolver Authoritative ? IP address Authoritative ? hash of Public Key + direct and simple + nothing is leaked + no additional network activity

  8. SubjectPublicKeyInfo (SPKI) pinning IP address: 2001:610:1:40ba:145:100:185:15 SPKI pinset: 62lKu9HsDVbyiPenApnc4sfmSYTHOVfFgL3pyB+cBL4= SPKI pinset Authoritative updates Privacy enabling Stub resolver recursive resolver Authoritative ? IP address Authoritative ? hash of Public Key + direct and simple - IP-address and pinset are easy to get wrong - Lacks provisioning + nothing is leaked - Lacks compromised and updated keys signaling + no additional network activity Tip! Backup pinsets

  9. Traditional Public Key Infrastructure for X.509 Certificates (PKIX) name: dns.cmrg.net ? name ? IP address - static, DHCP or DNS IP ? Authoritative Privacy enabling + traditional, well-known Stub resolver recursive resolver Authoritative OS managed Authoritative + keys can be rolled - All CA’s in the store can vouch for any name

  10. Traditional Public Key Infrastructure for X.509 Certificates (PKIX) name: dns.cmrg.net ? name ? IP address - static, DHCP or DNS Authoritative Privacy enabling + traditional, well-known Stub resolver recursive resolver Authoritative OS managed SNI : dns.cmrg.net Authoritative OCSP etc. - All CA’s in the store can vouch for any name - no signaling of unknown CA (reason for opportunistic encryption with SMTPS) - network access + DNS is already needed for OCSP etc.

  11. PKIX - statically configured IP address name: dnsovertls.sinodun.com ? name ip : 2001:610:1:40ba:145:100:185:15 ? static IP address - IP easy to get wrong Authoritative - no IP change signalling Privacy enabling Stub resolver recursive resolver Authoritative SNI : dns.cmrg.net Authoritative OCSP etc.

  12. PKIX – Both name and IP address came from DHCP + Dynamically configured Authentication Domain Name Authoritative name: dns.cmrg.net Privacy enabling ip: 199..58.81.218 Stub resolver recursive resolver Authoritative SNI : dns.cmrg.net Authoritative DHCP OCSP etc. - Needs secure DHCP (does not exist) + extension to convey the ADN - Shifts problem to bootstrapping secure DHCP (how is that statically configured?)

  13. PKIX – statically configured name, IP address from DNS Lookup the privacy resolver with DNS name: dns.cmrg.net _domain-s._tcp.dns.cmrg.net SRV 199.58.81.218 unhampered DNSSEC Authoritative + IP change provisioning DNSSEC Privacy enabling Stub resolver recursive resolver Authoritative SNI : dns.cmrg.net DN DNSSE SEC DNSSEC Authoritative OCSP etc. d raft-ietf-dprive-dtls-and-tls-profiles requires DNSSEC for lookup - Needs unhampered DNSSEC - DNSSEC capable stub resolver needed - Additional trust in DNSSEC trust anchor + In protocol trust anchor rollover (RFC5011)

  14. DNS Based Authentication of Named Entities (DANE) Lookup the privacy resolver with DNS name: dns.cmrg.net _domain-s._tcp.dns.cmrg.net SRV _853._tcp.dns.cmrg.net TLSA A A A S S S 199.58.81.218 199.58.81.218 L L L unhampered T T T DNSSEC Authoritative + IP change provisioning + No more dependency on DNSSEC Privacy enabling CA infrastructure Stub resolver recursive resolver Authoritative SNI : dns.cmrg.net DN DNSSE SEC DNSSEC Authoritative Not concerning the option with provided IP, because that has no additional benefits - Needs unhampered DNSSEC - DNSSEC capable stub resolver needed - Additional trust in DNSSEC trust anchor + In protocol trust anchor rollover (RFC5011)

  15. TLS DNSSEC Authentication Chain Extension name: dnsovertls.sinodun.com draft-ietf-tls- Ip: 2001:610:1:40ba:145:100:185:15 dnssec-chain-extension Authoritative TLSA TL SA TLSA DNSSEC Privacy enabling Stub resolver recursive resolver Authoritative SNI : dns.cmrg.net DNSSEC DNSSEC DNSSEC Authoritative Not concerning the option with resolved IP, + Smallest setup latency (same as SPKI) because that has no additional benefits – No IP change provisioning compared to the pure DANE option + No more dependency on CA infrastructure + No need for unhampered DNSSEC – DNSSEC capable stub resolver needed – Additional trust in DNSSEC trust anchor + In protocol trust anchor rollover (RFC5011)

  16. Comparison of the different considerations per mechanism Ease of configuration SPKI -- PKIX ADN + IP - PKIX ADN only ++ DANE ++ Chain extension - ++) PKIX ADN only, DANE need only the name -) PKIX ADN + IP, Chain ext. need name + IP (IPv6 addresses are hard to communicate) --) SPKI needs IP + pinset (Base64 pinset is impossible to communicate)

  17. Comparison of the different considerations per mechanism Ease of Key configuration management SPKI -- -- PKIX ADN + IP - - PKIX ADN only ++ - DANE ++ + Chain extension - + + ) DANE, Chain extension DNSSEC has single trust anchor in protocol key management (RFC5011) bootstrap problem when of for long period? - ) PKIX ADN’s Traditional, well known, managed by OS, but weakest link problem lack of unknown CA signaling --) SPKI Complete manual provisioning with long Base64 string

  18. Comparison of the different considerations per mechanism Ease of Key Information configuration management leakage SPKI -- -- ++ PKIX ADN + IP - - - PKIX ADN only ++ - -- DANE ++ + -- Chain extension - + + ++) SPKI No non-TLS communications, no SNI + ) Chain extension No non-TLS communications, leaks name by SNI - ) PKIX ADN + IP No non-TLS communications, leaks name by SNI , leaks CRL checking --) PKIX ADN only, DANE DNS communication before TLS setup, leaks SNI PKIX also leaks CRL

Recommend

Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers Nikos

Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers Nikos

Enabling Privacy-Aware Zone Exchanges Among Authoritative and Recursive DNS Servers Nikos Kostopoulos, Dimitris Kalogeras and Vasilis Maglaris NET work M anagement & O ptimal De sign ( NETMODE ) Laboratory School of Electrical & Computer

309 views • 17 slides
Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does

Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does

Lightning Introductions PRIVACY ENABLING DESIGN May 7-8, 2015 Brian Anderson / IBM Where does privacy end and security begin? What are the responsibilities of an organization to protect their assets while balancing the privacy of those who

980 views • 52 slides
From Enabling to Enforcing Privacy Naipeng Dong, Hugo Jonker , Jun Pang Why privacy for eHealth?

From Enabling to Enforcing Privacy Naipeng Dong, Hugo Jonker , Jun Pang Why privacy for eHealth?

From Enabling to Enforcing Privacy Naipeng Dong, Hugo Jonker , Jun Pang Why privacy for eHealth? Healthcare data: inherently private. Subversion of data processing: dangerous! FHIES, 29-30 August 2011 Hugo Jonker - p. 2/25 Current

546 views • 32 slides
Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems that are naturally solved by recursion Examples: Recursive function: Fibonacci numbers Recursive graphics: Fractals Mutual recursion:

796 views • 61 slides
TCIPG TECHNICAL CLUSTERS AND THREADS Trustworthy Trustworthy Technologies for Wide Technologies

TCIPG TECHNICAL CLUSTERS AND THREADS Trustworthy Trustworthy Technologies for Wide Technologies

TRUSTWORTHY CYBER INFRASTRUCTURE FOR THE POWER GRID | TCIPG.OR G TCIPG TECHNICAL CLUSTERS AND THREADS Trustworthy Trustworthy Technologies for Wide Technologies for Local Responding To and Trust Assessment Area Monitoring and Area

291 views • 8 slides
1 Recursive Definitions Infinite Recursion The recursive part of the LIST definition is used

1 Recursive Definitions Infinite Recursion The recursive part of the LIST definition is used

CSC 2014 Java Bootcamp Lecture 9 Recursion 2 Recursion Recursion is a fundamental programming technique that can provide an elegant solution certain kinds of problems RECURSIVE THINKING 3 4 Recursive Thinking Recursive Definitions

148 views • 4 slides
Recursive Methods Recursive problem solution Problems that are naturally solved by

Recursive Methods Recursive problem solution Problems that are naturally solved by

Recursive Methods Recursive problem solution Problems that are naturally solved by recursion Derivative of rational function Recursive Methods Examples: Recursive function: Fibonacci numbers Recursive graphics:

284 views • 5 slides
61A Lecture 6 Announcements Recursive Functions Recursive Functions 4 Recursive Functions

61A Lecture 6 Announcements Recursive Functions Recursive Functions 4 Recursive Functions

61A Lecture 6 Announcements Recursive Functions Recursive Functions 4 Recursive Functions Definition: A function is called recursive if the body of that function calls itself, either directly or indirectly 4 Recursive Functions Definition:

1.08k views • 88 slides
Recursion Announcements Recursive Functions Recursive Functions 4 Recursive Functions

Recursion Announcements Recursive Functions Recursive Functions 4 Recursive Functions

Recursion Announcements Recursive Functions Recursive Functions 4 Recursive Functions Definition : A function is called recursive if the body of that function calls itself, either directly or indirectly 4 Recursive Functions Definition

1.11k views • 89 slides
LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships Changchang Liu, Prateek

LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships Changchang Liu, Prateek

Outline Introduction LinkMirage Conclusion LinkMirage: Enabling Privacy-preserving Analytics on Social Relationships Changchang Liu, Prateek Mittal Email: cl12@princeton.edu, pmittal@princeton.edu Princeton University February 23, 2016 1 /

917 views • 42 slides
Lesson 9 Recursive Types 2/19, 21 Chapters 20, 21 Recursive type Recursive type terms are

Lesson 9 Recursive Types 2/19, 21 Chapters 20, 21 Recursive type Recursive type terms are

Lesson 9: Recursive Types Lesson 9 Recursive Types 2/19, 21 Chapters 20, 21 Recursive type Recursive type terms are infinite, but regular For finite terms, use induction based on least fixed points For infinite terms/trees, we

232 views • 7 slides
Review Recursion Factorial (Iterative and Recursive versions) Call Stack (Last-in,

Review Recursion Factorial (Iterative and Recursive versions) Call Stack (Last-in,

Review Recursion Factorial (Iterative and Recursive versions) Call Stack (Last-in, first-out Queue) Tracing recursive functions Fibonacci Sequence Recursive Implementation Recursive Maze Generation One can declare an

921 views • 16 slides
Trustworthy Technologies for Local Area Management, Monitoring, and Control Tom Overbye Number

Trustworthy Technologies for Local Area Management, Monitoring, and Control Tom Overbye Number

Trustworthy Technologies for Local Area Management, Monitoring, and Control Tom Overbye Number of Activities: 5 2012 Industry Workshop October 30, 2012 | 1 TCIPG Technical Clusters and Threads Trustworthy Technologies Trustworthy

419 views • 10 slides
Assessing the Stability of Forecasting Models: Recursive Parameter Estimation and Recursive

Assessing the Stability of Forecasting Models: Recursive Parameter Estimation and Recursive

Assessing the Stability of Forecasting Models: Recursive Parameter Estimation and Recursive Residuals At each t, t = k, ... ,T-1, compute: Recursive parameter est. and forecast: Recursive residual: If all is well: Sequence of 1-step forecast

650 views • 39 slides
$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

$ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that

Presentation Slides $ Lesson Ten Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

318 views • 13 slides
Trustworthy Computing * Reverse engineers agree on that! Trustworthy Computing Trustworthy

Trustworthy Computing * Reverse engineers agree on that! Trustworthy Computing Trustworthy

Trustworthy Computing * Reverse engineers agree on that! Trustworthy Computing Trustworthy Computing Trustworthy Computing Trustworthy Computing Trustworthy Computing Trustworthy Computing *

753 views • 63 slides
Recursion Announcements Recursive Functions Recursive Functions Definition : A function is

Recursion Announcements Recursive Functions Recursive Functions Definition : A function is

Recursion Announcements Recursive Functions Recursive Functions Definition : A function is called recursive if the body of that function calls itself, either directly or indirectly Implication : Executing the body of a recursive function may

320 views • 18 slides
OUTLINE CHAPTER 10 Recursive Hierarchies Table of contents Recursive Hierarchies and Bridges

OUTLINE CHAPTER 10 Recursive Hierarchies Table of contents Recursive Hierarchies and Bridges

OUTLINE CHAPTER 10 Recursive Hierarchies Table of contents Recursive Hierarchies and Bridges Reporting Challenge Flattening a Recursive Hierarchy The Hierarchy Bridge Double Counting Resolving Many to Many Dinesh Maharjan

401 views • 13 slides
Trustworthy Technologies for Wide Area Monitoring and Control Carl Hauser Number of Activities:

Trustworthy Technologies for Wide Area Monitoring and Control Carl Hauser Number of Activities:

Trustworthy Technologies for Wide Area Monitoring and Control Carl Hauser Number of Activities: 9 2012 Industry Workshop October 30, 2012 | 1 TCIPG Technical Clusters and Threads Trustworthy Technologies Trustworthy Technologies Responding

249 views • 12 slides
Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in

Privacy Protection privacy notions and metrics; privacy in RFID systems; location privacy in vehicular networks; Security and Cooperation in Wireless Networks Georg-August University Gttingen Chapter outline 1 Important privacy related

1.12k views • 33 slides
Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy -

CISPA Center for IT Security, Privacy and Accountabiltiy Introduction to Cybersecurity Database Privacy Review: Anonymity vs. Privacy Privacy - Privacy is the claim of individuals, groups, or institutions to determine for themselves when,

573 views • 26 slides
$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

$ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy

Presentation Slides $ Lesson Fourteen Consumer Privacy 04/09 privacy and information information privacy: privacy that involves the rights of individuals in relation to information about them that is circulating in society. why privacy is an

429 views • 13 slides
CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies

CS305 Topic Privacy Concept Evolution Rights to Privacy Privacy and Technologies US Privacy Laws Sources: Baase: A Gift of Fire and Quinn: Ethics for the Information Age Ethics Spring 2010 Privacy 1 Privacy The original

725 views • 45 slides
Announcements Recursion Recursive Functions Definition : A function is called recursive if the

Announcements Recursion Recursive Functions Definition : A function is called recursive if the

Announcements Recursion Recursive Functions Definition : A function is called recursive if the body of that function calls itself, either directly or indirectly Implication : Executing the body of a recursive function may require applying that

398 views • 3 slides

More recommend