boost dns privacy, reliability, and e ciency with opdns ... · application recursive dns cache web...
TRANSCRIPT
Marcel Waldvogel, Thomas Zink
DNS Problems
Our Goals
Our Solution
Boost DNS Privacy, Reliability, and Efficiencywith opDNS Safe Query Elimination
This leads to a number of privacy and reliability problems: [privacy] user fingerprinting [privacy] user tracking [reliability] outages and cencorship [reliability] DNS malfunctions
100%
Are you still whoI think you are?
Yes! I am!Here is the proof.
unmodifiedapplication
recursiveDNS cache
web server
localopDNScache
client
1 2
01001011110010110011011011011100001
301001011110010110011011011011100001
4
56
Before contacting most services the clients sendout cleartext DNS queries to DNS servers.The queries are not only revealed to DNS serversbut can also easily be observed on the network.
Increase privacy and reliability by eliminating unneccessary traffic reducing communication to trusted partners
As a side effect, this also boosts efficiency due toreduced network traffic, latency, and computation.
Opportunistic Persistent DNS (opDNS) keeps a local DNS cache integrates seamlessly with DANE and DNSSEC to safely retrieve initial records caches beyond TTLs for secure services and serves locally cached records uses TLS to authenticate services