EDU Tutorial: DNS Privacy: Sara Dickinson Sinodun

This document provides an overview and history of DNS privacy. It discusses how DNS queries can leak private information, and various efforts over time to improve DNS privacy, such as DNSCurve and DNSCrypt. It also summarizes the formation of the DPRIVE working group in 2014 to focus on improving DNS privacy for stub resolvers.


EDU Tutorial: DNS Privacy

Sara Dickinson
Sinodun
sara@sinodun.com

EDU Tutorial @ IETF_97 Seoul (Nov 2017)


Overview
• Goal:
  • Give audience historical background on why DNS Privacy is an important topic
  • Internet Privacy - presented by dkg
  • Chart progress during last 3-4 years (DPRIVE)
  • Present current status and tools

DNS Privacy Tutorial @ IETF 97, Nov 2016, Seoul


Internet Privacy
Daniel Kahn Gillmor, ACLU


DNS Privacy - A brief history


IETF Privacy activity
March 2011: I-D: Privacy Considerations for Internet Protocols (IAB)
June 2013: Snowden revelations. What timing!
July 2013: RFC6973: Privacy Considerations for Internet Protocols
May 2014: RFC7258: Pervasive Monitoring is an Attack
August 2015: RFC7624: Confidentiality in the Face of Pervasive Surveillance: A Threat Model and Problem Statement
Much other ongoing work…


RFC 7258
“PM is an attack on the privacy of Internet users and organisations.”
“…that needs to be mitigated where possible, via the design of protocols that make PM significantly more expensive or infeasible.”


DNS Privacy in 2013?
• DNS [RFC1034/5 - 1987] - original design focused on availability, redundancy and speed! (DNS is an enabler)
• DNS standards: DNS sent in clear text
  • UDP (99% of traffic to root) -> NSA: ‘MORECOWBELL’
  • TCP only for ‘fallback’ when UDP MTU exceeded, and for XFR (support only mandatory from 2010)
• Perception: The DNS is public, right? It is not sensitive/personal information… it doesn’t need to be protected/encrypted


DNS Disclosure Example 1
[Diagram: the stub asks the recursive resolver (Rec) for datatracker.ietf.org; Rec then sends the full name datatracker.ietf.org to the Root, to the Auth for .org and to the Auth for ietf.org - the query name leaks information to every server in the chain.]


DNS Privacy in 2013?
• RFC6891: Extension Mechanisms for DNS (EDNS0) - intended to enhance DNS protocol capabilities
• But… the mechanism enabled addition of end-user data into DNS queries (non-standard options)
  • ISP justification: Parental Filtering (per device)
  • CDN justification: Faster content (geo location)


DNS Disclosure Example 2
[Diagram: Stub -> CPE -> Rec -> Auth, the query “ietf.org ?” forwarded at each hop. The user's source address [User src address] leaves the Stub; between the CPE and Rec a MAC address or id [00:00:53:00:53:00] is carried in the DNS query; between Rec and Auth the Client Subnet option (RFC7871) contains the source subnet [192.168.1] in the DNS query.]
DNS Disclosure Example 2
[Diagram: Stub -> CPE -> Rec -> Auth, with the queries “ietf.org ?”, “conradhotels.hilton.com ?”, “ba.com ?” and “ietfmemes.tumblr.com ?” passing along the chain.]
Even behind a NAT, you do not have anonymity!
Even behind a recursive, you do not have anonymity!
DNS Disclosure Example 3
[Diagram: Stub -> Rec -> Root / Auth for .org, with “Who monitors or has access here?” asked at each hop.]
• (AUTH) Who monitors or has access here?
• (UNAUTH) How safe is this data?
• When at home…
• When in a coffee shop…
DNS - complications
• Basic problem is leakage of metadata
• Allows re-identification of individuals
• Even without user metadata, traffic analysis is possible based just on timings and cache snooping
• DNS Filtering is becoming more prevalent


DNS Risk Matrix
[Table of risks against where in the DNS they apply]
Columns - In-Flight: Stub => Rec, Rec => Auth; At Rest: At Recursive, At Authoritative
Rows - Passive Monitoring; Active Monitoring; Other Disclosure Risks (e.g. Data breaches)


DNS Service Discovery
• Devices advertise services on local network (DNS, mDNS)
• Other devices then discover the service and use it

Alice's Images . _imageStore._tcp . local
Alice's Mobile Phone . _presence._tcp . local
Alice's Notebook . _presence._tcp . local


DNS-SD Privacy
• Advertising leaks information about:
  • User - ‘name’, devices, services (user tracking)
  • Devices - services & attributes (port, priorities)
  • Device fingerprinting possible => Software or specific device identification
• Discovery leaks info about preferred services


DNS Privacy options (2013)
• DNSCurve (Recursive-Auth)
  • Daniel J. Bernstein, initial interest but not adoption
• DNSCrypt (Stub-Recursive)
  • Many implementations, several open DNSCrypt Resolvers (OpenDNS), [Yandex browser]
  • Authentication with some privacy (anti-spoofing, anti-DoS)
  • Documented but not standard
DNS Privacy options (2014)
• Run a local resolver (Unbound)
• DNSTrigger (NLNet Labs)
  • Client software to enable DNSSEC
  • Used TLS on port 443 as last ditch attempt to enable DNSSEC (DNS-over-TLS impl)
  • Goal was DNSSEC, not Privacy!


DPRIVE WG et al.


DPRIVE WG
• DPRIVE WG created in 2014
• Charter: Primary Focus is Stub to recursive
• Why not tackle whole problem?
  • Don’t boil the ocean, stepwise solution
  • Stub to Rec reveals most information
  • Rec to Auth is a particularly hard problem


DNS Privacy problem
[Diagram: Stub -> Rec -> Root / Auth for .org]
• Stub => Rec relationship: 1 to ‘a few’, some of whom are known (ISP)
• Rec => Auth relationship: 1 to many, most of whom are not known => Authentication is hard
RFC 7626 - DNS Privacy Considerations
Worth a read - many interesting issues here!
• Problem statement: Expert coverage of risks throughout DNS ecosystem
• Rebuts “alleged public nature of DNS data”
• The data may be public, but a DNS ‘transaction’ is not/should not be.

“A typical example from outside the DNS world is: the web site of Alcoholics Anonymous is public; the fact that you visit it should not be.”


Choices, choices…
• So… we know the problem but what mechanism to use for encrypting DNS?
  • STARTTLS
  • TLS
  • DTLS
  • Confidential DNS draft
• Drafts submitted on all these solutions to the working group
Encryption Options
Option          | Pros                                                                  | Cons
STARTTLS        | Port 53; Known technique; Incremental deployment                      | Downgrade attack on negotiation; Port 53 - middleboxes blocking?; Latency from negotiation
TLS (new port)  | New DNS port (no interference with port 53); Existing implementations | New port assignment; Scalability?
DTLS (new port) | UDP based (just like UDP)                                             | Truncation of DNS messages ➡ Fallback to TLS or clear text ❌ Can’t be standalone solution; Not as widely used/deployed


Encrypted DNS ‘TODO’ list
• Get a new port
• DNS-over-TCP/TLS: Address issues in
standards and implementations
• Tackle authentication of DNS servers
(bootstrap problem)
• What about traffic analysis of encrypted
traffic - msg size & timing still tell a lot!



Get a new port!
• One does not simply get a new port…
• Oct 2015 - 853 is the magic number

“Your request has been processed. We have assigned the following system port number as an early allocation per RFC7120, with the DPRIVE Chairs as the point of contact:
domain-s 853 tcp DNS query-response protocol run over TLS/DTLS
domain-s 853 udp DNS query-response protocol run over TLS/DTLS”


DNS + TCP/TLS?
• DNS-over-TCP history:
  • typical DNS clients do ‘one-shot’ TCP
  • DNS servers have very basic TCP capabilities
  • No attention paid to TCP tuning, robustness
  • Performance tools based on one-shot TCP


Fix DNS-over-TCP/TLS
Goal                                     | How?
Optimise set up & resumption             | TFO (TCP Fast Open); TLS session resumption [TLS 1.3]
Amortise cost of TCP/TLS setup           | RFC7766 (bis of RFC5966) - March 2016: Client pipelining (not one-shot!), Server concurrent processing, Out-of-order responses; RFC7828: Persistent connections (Keepalive)
Servers handle many connections robustly | Learn from HTTP world!


Performance (RFC7766)
Client - pipeline requests, keep connection open and handle out-of-order responses
Server - concurrent processing of requests, sending of out-of-order responses

[Diagram: a stub (R) and a server (A) compared in two modes. In-order: q1 and q2 are sent, q2 is delayed waiting for q1 (+1 RTT), then a1 and a2 are returned. Concurrent with OOOR: q1 and q2 are sent, the server replies as soon as possible, a2 arrives before a1 with 0 extra RTT.]
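As an added example (not from the tutorial or any of the implementations it lists), the client side of the RFC7766 behaviour described above: RFC7766 two-byte length framing over one TCP/TLS connection, several queries in flight, responses accepted out of order and matched back to the pending query by message ID plus question section, with frames that may arrive split across reads. The toy `build_answer` server that echoes the query with QR set is a constructed stand-in for a real resolver.

```python
import struct

def frame(msg):
    """RFC 7766 TCP framing: a two-byte big-endian length precedes each DNS message."""
    return struct.pack("!H", len(msg)) + msg

def build_query(msg_id, qname, qtype=1):
    """Minimal DNS query (header + one question), constructed for this example."""
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    wire_name = b"".join(bytes([len(l)]) + l.encode() for l in qname.rstrip(".").split("."))
    return header + wire_name + b"\x00" + struct.pack("!HH", qtype, 1)

def build_answer(query):
    """Toy server response: echo the query with the QR bit set (no answer records)."""
    return query[:2] + struct.pack("!H", struct.unpack("!H", query[2:4])[0] | 0x8000) + query[4:]

class PipelinedClient:
    """One TCP/TLS connection, many queries in flight, responses accepted in any order."""

    def __init__(self):
        self.pending = {}   # message ID -> (query bytes, qname) awaiting a response
        self.buf = b""      # bytes read from the stream but not yet consumed

    def send(self, msg_id, qname):
        """Return the framed bytes to write; the query stays pending until answered."""
        query = build_query(msg_id, qname)
        self.pending[msg_id] = (query, qname)
        return frame(query)

    def receive(self, data):
        """Feed bytes as they arrive (frames may be split); return completed (id, qname)."""
        self.buf += data
        done = []
        while len(self.buf) >= 2:
            length = struct.unpack("!H", self.buf[:2])[0]
            if len(self.buf) < 2 + length:
                break                                   # rest of this frame not here yet
            msg, self.buf = self.buf[2:2 + length], self.buf[2 + length:]
            msg_id = struct.unpack("!H", msg[:2])[0]
            entry = self.pending.get(msg_id)
            # A 16-bit ID alone is weak: also require the echoed question section to match
            if entry is None or msg[12:len(entry[0])] != entry[0][12:]:
                continue                                # unsolicited or mismatched: drop
            del self.pending[msg_id]
            done.append((msg_id, entry[1]))
        return done

def demo():
    """Two pipelined queries; the server answers q2 before q1 (OOOR), frames split mid-way."""
    client = PipelinedClient()
    q1 = client.send(1, "datatracker.ietf.org")
    q2 = client.send(2, "ietf.org")
    stream = frame(build_answer(q2[2:])) + frame(build_answer(q1[2:]))
    return client.receive(stream[:5]) + client.receive(stream[5:])
```

`demo()` returns the answers in arrival order, `[(2, 'ietf.org'), (1, 'datatracker.ietf.org')]`, showing that the early a2 is not held back behind a1.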
Authentication in DNS-over-(D)TLS
2 Usage Profiles:
• Strict: (Encrypt & Authenticate) or Nothing
  • “Do or do not. There is no try.”
• Opportunistic: Try in order:
  • Encrypt & Authenticate, then
  • Encrypt, then
  • Clear text
  • “Success is stumbling from failure to failure with no loss of enthusiasm”


Authentication in DNS-over-(D)TLS
• Authentication based on config of either:
  • Authentication domain name
  • SPKI pinset
• Shouldn’t DNS use DANE…? Well - even better:
  • I-D: TLS DNSSEC Chain Extension


DNS Auth using DANE
[Diagram: DNS Privacy client <-TLS-> DNS Privacy server, with DNSSEC-validated lookups]
1: Obtain an Auth Domain name & IP address
  (1a) Configure Auth domain name; Do Opportunistic SRV lookup
2a: Opportunistic lookup of DANE records for server; Validate locally with DNSSEC


TLS DNSSEC Chain Extension
[Diagram: DNS Privacy client <-> DNS Privacy server [DNSSEC]. Client Hello: TLS DNSSEC Chain Ext. Server Hello: Server DANE records.]
1: Obtain an Auth Domain name & IP address
  (1a) Configure Auth domain name; Do Opportunistic SRV lookup
0 (or 2): Server obtains DANE records for itself!
• Reduces Latency
• Eliminates need for intermediate recursive


DPRIVE Solution Documents (stub to recursive)
Document                                  | Date     | Topic                              | Status
RFC7858                                   | May 2016 | DNS-over-TLS                       | Completed
RFC7830                                   | May 2016 | EDNS0 Padding Option               | Completed
draft-ietf-dprive-dnsodtls*               |          | DNS-over-DTLS                      | WGLC
draft-ietf-dprive-dtls-and-tls-profiles   |          | Authentication for DNS-over-(D)TLS | In WGLC

*Intended status: Experimental
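An added example (not the tutorial's or any listed implementation's code) tying together two EDNS0 options the deck mentions: the Client Subnet option of Disclosure Example 2 (RFC7871, option code 8), decoded to show exactly which user network an authoritative server is handed, and the RFC7830 Padding option (code 12), applied so that an encrypted message's length is rounded up to a fixed block and tells a traffic analyst less. The block size of 128 bytes and the query for ietf.org from 192.168.1.0/24 are constructed values; the OPT RR is built with the standard layout (root name, TYPE 41, CLASS = requestor's UDP size, TTL = 0).

```python
import struct
import ipaddress
OPT_TYPE = 41
ECS, PADDING = 8, 12      # EDNS0 option codes: Client Subnet (RFC 7871), Padding (RFC 7830)

def build_opt(options, udp_size=4096):
    """OPT pseudo-RR: root name, TYPE 41, CLASS = requestor's UDP size, TTL = 0, then options."""
    rdata = b"".join(struct.pack("!HH", code, len(data)) + data for code, data in options)
    return b"\x00" + struct.pack("!HHIH", OPT_TYPE, udp_size, 0, len(rdata)) + rdata

def parse_opt(opt_rr):
    """Return the (code, data) pairs carried in an OPT RR laid out as build_opt produces."""
    rdlen = struct.unpack("!H", opt_rr[9:11])[0]
    rdata, options, i = opt_rr[11:11 + rdlen], [], 0
    while i + 4 <= len(rdata):
        code, length = struct.unpack("!HH", rdata[i:i + 4])
        options.append((code, rdata[i + 4:i + 4 + length]))
        i += 4 + length
    return options

def make_ecs(network):
    """Client Subnet option data: FAMILY, SOURCE PREFIX-LENGTH, SCOPE 0, truncated address."""
    net = ipaddress.ip_network(network)
    family = 1 if net.version == 4 else 2
    addr = net.network_address.packed[:(net.prefixlen + 7) // 8]
    return struct.pack("!HBB", family, net.prefixlen, 0) + addr

def ecs_subnet(data):
    """Decode a Client Subnet option: the user network an authoritative server gets to see."""
    family, src_len, _scope = struct.unpack("!HBB", data[:4])
    cls, size = (ipaddress.IPv4Network, 4) if family == 1 else (ipaddress.IPv6Network, 16)
    return str(cls((data[4:].ljust(size, b"\x00"), src_len), strict=False))

def padding_len(msg_len, block):
    """Padding data length so that msg_len + a 4-byte option header + padding fills whole blocks."""
    return (-(msg_len + 4)) % block

def pad_message(msg_without_opt, options, block=128):
    """Append an OPT RR whose Padding option rounds the whole message up to `block` bytes."""
    unpadded_len = len(msg_without_opt + build_opt(options))
    pad = padding_len(unpadded_len, block)
    return msg_without_opt + build_opt(options + [(PADDING, b"\x00" * pad)])

def example_query():
    """Constructed query for ietf.org/A (ARCOUNT=1 for the OPT RR) plus an ECS option."""
    header = struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 1)
    question = b"\x04ietf\x03org\x00" + struct.pack("!HH", 1, 1)
    return header + question, [(ECS, make_ecs("192.168.1.0/24"))]

def inspect(message, body_len):
    """Given a padded message and its header+question length, report leaked subnet and size."""
    opts = dict(parse_opt(message[body_len:]))
    return {"client_subnet": ecs_subnet(opts[ECS]) if ECS in opts else None,
            "padding_bytes": len(opts.get(PADDING, b"")), "total_len": len(message)}
```

With the constructed query, `inspect(pad_message(*example_query()), 26)` reports the subnet 192.168.1.0/24 that ECS exposes and a 128-byte message made up of 76 padding bytes; padding only hides the length when the message is actually encrypted, which is why RFC7830 belongs with DNS-over-TLS.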
What about Recursive to Authoritative?
• DPRIVE - Re-charter? WG this Friday!
• I-D: Next step for DPRIVE: resolver-to-auth link
  • Presents 6 authentication options/models
  • Data on DNS-over-(D)TLS
• DNSOP - RFC7816: QNAME Minimisation


DNS Disclosure Example 1
[Diagram, repeated from earlier: Rec sends the full name datatracker.ietf.org to the Root, to the Auth for .org and to the Auth for ietf.org - the query name leaks information to every server.]


QNAME Minimisation
[Diagram: Rec asks the Root for “org”, asks the Auth for .org for “ietf.org”, and asks the Auth for ietf.org for “datatracker.ietf.org” - each server sees only the labels it needs to delegate.]
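The two diagrams above put side by side, as an added example that is not part of the tutorial or of any resolver's code: what each authoritative server learns when a recursive sends the full QNAME everywhere (Disclosure Example 1) versus when it minimises per RFC7816 (intermediate zones are asked only for the name one label below them, with QTYPE NS as RFC7816 suggests; the closest enclosing zone gets the original question). The list of zone cuts is assumed to be already known to the resolver, root first; `ZONE_CUTS` is the constructed walk from the slide.

```python
def labels(name):
    """Labels of a domain name, most specific first; the root is []."""
    return [label for label in name.rstrip(".").split(".") if label]

def classic_queries(qname, qtype, zone_cuts):
    """Pre-RFC 7816 behaviour: the full QNAME and QTYPE go to the server of every zone cut."""
    return [(zone, qname, qtype) for zone in zone_cuts]

def minimised_queries(qname, qtype, zone_cuts):
    """RFC 7816 QNAME minimisation over the delegations already learned (root first).
    Intermediate zones are asked for <one label below the zone> with QTYPE NS; only the
    closest enclosing zone receives the original QNAME and QTYPE."""
    target = labels(qname)
    queries = []
    for i, zone in enumerate(zone_cuts):
        zone_labels = labels(zone)
        if zone_labels and target[-len(zone_labels):] != zone_labels:
            raise ValueError(f"{zone!r} is not an ancestor of {qname!r}")
        if i == len(zone_cuts) - 1:
            queries.append((zone, qname, qtype))        # closest enclosing zone: real question
        else:
            depth = min(len(zone_labels) + 1, len(target))
            queries.append((zone, ".".join(target[-depth:]), "NS"))   # reveal one more label
    return queries

def revealed(queries):
    """Map each zone's server to the name it learns, for comparing the two strategies."""
    return {zone: name for zone, name, _ in queries}

# Constructed walk matching the slide: root, then .org, then ietf.org.
ZONE_CUTS = [".", "org", "ietf.org"]
```

`revealed(classic_queries("datatracker.ietf.org", "A", ZONE_CUTS))` hands the full name to the root and .org servers, while the minimised version gives them only "org" and "ietf.org" respectively.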


Data handling policies
• Do you read the small print of your ISP’s contract?
• More work/research needed in this area
• Monitoring of government policy and practice
• Transparency from providers on policy and breaches
• Methods for de-identification of user data (e.g. DITL)
• ‘PassiveDNS’ data used for research/security


DNS-over-HTTP(S)
• DNS-over-HTTP(S) has been around a while…
• I-D: Review of DNS-over-HTTP
  • Privacy (HTTPS authentication)
  • Bypass port 53 interference (middlebox, captive portals)
  • Higher level API


DNS-over-HTTP(S)
• Google: DNS-over-HTTPS (non-standard)
• I-D: DNS wire-format over HTTP
  • “Servers and clients SHOULD use TLS for communication.”
• I-D: DNS Queries over HTTPS
• Non-WG Mailing list and Bar BOF here (Tuesday)


Risk Mitigation Matrix
Risk                                        | In-Flight (Stub => Rec, Rec => Auth)                 | At Rest (At Recursive, At Authoritative)
Passive monitoring                          | Encryption (e.g. TLS, HTTPS); QNAME Minimization     |
Active monitoring                           | Authentication & Encryption                          |
Other Disclosure Risks (e.g. Data breaches) |                                                      | Data Best Practices (Policies), e.g. De-identification
DNS-SD
• I-D: Privacy Extensions for DNS-SD - adopted by WG
• 3 step design
  1. Offline pairing mechanism (shared secret)
  2. Discovery of the “Private Discovery Service”
  3. Actual Service Discovery (enc & auth conn)


Implementation Status


RECURSIVE

Recursive implementations
[Table: features (rows) against recursive resolver (columns: Unbound, BIND, Knot Resolver); level of support shown by cell colour, see legend]
TCP/TLS Features: TCP fast open; Process pipelined queries; Provide OOOR; EDNS0 Keepalive
TLS Features: TLS on port 853; Provide server certificate; EDNS0 Padding
Rec => Auth: QNAME Minimisation

Dark Green: Latest stable release supports this
Light Green: Patch available
Yellow: Patch/work in progress, or requires building a patched dependency
Purple: Workaround available
Grey: Not applicable or not yet planned
RECURSIVE

Alternative server side solutions
• Pure TLS load balancer
  • NGINX, HAProxy
  • BIND article on using stunnel
• dnsdist from PowerDNS would be great… but no support yet
Disadvantages
• server must still have decent TCP capabilities
• DNS specific access control is missing
• pass through of edns0-tcp-keepalive option


STUB

Stub implementations
[Table: features (rows) against stub (columns: ldns (drill), digit, getdns*, BIND (dig)); level of support shown by cell colour, see legend]
TCP/TLS Features: TCP fast open; Connection reuse; Pipelining of queries; Process OOOR; EDNS0 Keepalive
TLS Features: TLS on port 853; Authentication of server; EDNS0 Padding

Dark Green: Latest stable release supports this
Light Green: Patch available
Yellow: Patch/work in progress, or requires building a patched dependency
Grey: Not applicable or not yet planned
* getdns uses libunbound in recursive mode
Implementation Status
• Increasing uptake of better DNS-over-TCP, QNAME minimisation
• Several implementations of DNS-over-TLS
• None yet of DNS-over-DTLS
• BII has DNS-over-HTTP implementation

Key is enabling end users and application developers to easily adopt DNS Privacy


Deployment Status


RECURSIVE

DNS-over-TLS Servers
Hosted by  | Software
NLnet Labs | Unbound
OARC       | Unbound
Surfnet    | Bind + HAProxy
(Sinodun)  | Bind + nginx
dkg        | Knot Resolver
IETF?      |

Find details at: DNS Test Servers


STUB

getdns
• Modern async DNSSEC enabled API
• https://getdnsapi.net
• Written in C, various bindings (Python, Java,…)
• DNS-over-TLS, validating DNSSEC stub
• ‘Stubby’ now available for testing


Stubby
• A privacy enabling stub resolver (based on getdns_query tool)
• 1.1.0-alpha3
• Run as daemon handling requests
• Configure OS DNS resolution to point at 127.0.0.1


Stubby In Action
• Reads config from /etc/stubby.conf
• domain name and SPKI pinset authentication
• Strict and Opportunistic profiles
• How to build and use Stubby
• Demos available: Sara, Willem Toorop, Allison Mankin


Stubby in Action


Ongoing and Future work
• Hacking this weekend at the IETF 97 Hackathon
  • lots of work on Stubby and test servers
• OS integration of client solutions
• More complete recursive implementations
• Increased deployment
• More DPRIVE work: Recursive to Auth…


Summary
• DNS Privacy is a real problem and more relevant than ever
• Active work on the large solution space
• Can test DNS Privacy today using Stubby & current test recursive servers
• More DNS Privacy services on the way…


Thank you!

Any Questions?

https://www.surveymonkey.com/r/97privacy

