Mutualized oblivious DNS (μODNS): Hiding a tree in the wild forest

04/28/2021
by Jun Kurihara, et al.

The traditional Domain Name System (DNS) lacks fundamental security and privacy features in its design. As privacy concerns on the Internet have grown, security and privacy enhancements to DNS have been actively investigated and deployed. For user privacy in DNS queries in particular, several relay-based anonymization schemes have recently been introduced; however, they are vulnerable to collusion between a relay and a full-service resolver, i.e., the identities of users cannot be hidden from the resolver. This paper introduces a new concept of multiple-relay-based DNS for user anonymity in DNS queries, called the mutualized oblivious DNS (μODNS), by extending the concept of existing relay-based schemes. μODNS introduces a small and reasonable assumption: each user has at least one trusted/dedicated relay in a network and mutually shares the dedicated one with others. The user simply sets the dedicated relay as the next hop, i.e., the first relay conveying the user's queries to the resolver, and randomly chooses 0 or more subsequent relays shared by other entities. Under this small assumption, the user's identity is concealed from a target resolver in μODNS even if a certain (unknown) subset of relays colludes with the resolver. That is, in μODNS, users can preserve their privacy and anonymity just by paying the small cost of sharing their resources. Moreover, we present a PoC implementation of μODNS that is publicly available on the Internet. We also show, by measuring the round-trip time of queries, that our PoC implementation of μODNS achieves performance comparable to existing relay-based schemes.
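The path rule in the abstract (dedicated relay first, then 0 or more randomly chosen shared relays) can be modelled in a few lines; this is an added sketch, not the paper's PoC or its protocol. It assumes that each relay learns only its previous hop and that the resolver learns only the last relay; the names `build_path`, `colluder_view`, `simulate` and the `max_extra` limit are hypothetical.

```python
import random

def build_path(user, dedicated, rng, max_extra=3):
    """Own dedicated relay first, then 0..max_extra relays drawn at random
    from the dedicated relays that other users share (max_extra is assumed)."""
    shared = [r for u, r in dedicated.items() if u != user]
    k = rng.randint(0, min(max_extra, len(shared)))
    return [dedicated[user]] + rng.sample(shared, k)

def colluder_view(user, path, colluding):
    """Earliest hop the resolver and its colluding relays can name, assuming
    each relay learns only its previous hop and the resolver the last relay."""
    hops = [user] + path                  # hops[i] hands the query to path[i]
    for i, relay in enumerate(path):
        if relay in colluding:
            return hops[i]                # predecessor of first colluding relay
    return path[-1]                       # no colluder on the path

def simulate(n_users=8, n_queries=2000, n_colluding=3, seed=1):
    """Constructed population: user0's dedicated relay is honest, and
    n_colluding of the other users' relays collude with the resolver."""
    rng = random.Random(seed)
    users = [f"user{i}" for i in range(n_users)]
    dedicated = {u: f"relay{i}" for i, u in enumerate(users)}
    colluding = set(rng.sample([dedicated[u] for u in users[1:]], n_colluding))
    exposed, behind_relay0 = set(), set()
    for _ in range(n_queries):
        user = rng.choice(users)
        seen = colluder_view(user, build_path(user, dedicated, rng), colluding)
        if seen == user:
            exposed.add(user)             # own first relay colluded
        elif seen == dedicated["user0"]:
            behind_relay0.add(user)       # query traced only as far as relay0
    return exposed, behind_relay0, colluding

if __name__ == "__main__":
    exposed, behind, colluding = simulate()
    print("colluding relays:", sorted(colluding))
    print("users identified:", sorted(exposed))
    print("true senders traced only to relay0:", sorted(behind))
```

In this model the only users the colluders can name are those whose own first relay colludes, and a query traced back to an honest dedicated relay may have come from its owner or from any user who picked that relay as a later hop.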

