Volume 2021 (2021): Issue 4 (October 2021)
Journal Details
Format: Journal
First Published: 16 Apr 2015
Publication timeframe: 4 times per year
Languages: English
Access type: Open Access

Oblivious DNS over HTTPS (ODoH): A Practical Privacy Enhancement to DNS

Published Online: 23 Jul 2021
Page range: 575 - 592
Received: 28 Feb 2021
Accepted: 16 Jun 2021
Abstract

The Internet’s Domain Name System (DNS) responds to client hostname queries with corresponding IP addresses and records. Traditional DNS is unencrypted and leaks user information to onlookers. Recent efforts to secure DNS using DNS over TLS (DoT) and DNS over HTTPS (DoH) have been gaining traction, ostensibly protecting DNS messages from third parties. However, the small number of available public large-scale DoT and DoH resolvers has reinforced DNS privacy concerns, specifically that DNS operators could use query contents and client IP addresses to link activities with identities. Oblivious DNS over HTTPS (ODoH) safeguards against these problems. In this paper we implement and deploy interoperable instantiations of the protocol, construct a corresponding formal model and analysis, and evaluate the protocols’ performance with wide-scale measurements. Results suggest that ODoH is a practical privacy-enhancing replacement for DNS.
