Understanding the Privacy Implications of ECS - (Extended Abstract)

The edns-client-subnet ECS is a new extension for the Domain Name System DNS that delivers a "faster Internet" with the help of client-specific DNS answers. Under ECS, recursive DNS servers recursives provide client network address information to upstream authorities, permitting topologically localized answers for content delivery networks CDNs. This optimization, however, comes with a privacy penalty that has not yet been studied. Our analysis concludes that ECS makes DNS communications less private: the potential for mass surveillance is greater, and stealthy, highly targeted DNS poisoning attacks become possible. Despite being an experimental extension, ECS is already deployed, and users are expected to "opt out" on their own. Yet, there are no available client-side tools to do so. We describe a configuration of an experimental recursive tool to reduce the privacy leak from ECS queries in order to immediately allow users to protect their privacy. We recommend the protocol change from "opt out" to "opt in", given the experimental nature of the extension and its privacy implications.

[1]  Fabian Monrose,et al.  DNS Prefetching and Its Privacy Implications: When Good Things Go Bad , 2010, LEET.

[2]  Xiapu Luo,et al.  A Centralized Monitoring Infrastructure for Improving DNS Security , 2010, RAID.

[3]  Ramesh Govindan,et al.  Mapping the expansion of Google's serving infrastructure , 2013, Internet Measurement Conference.

[4]  Xiapu Luo,et al.  WSEC DNS: Protecting recursive DNS resolvers from poisoning attacks , 2009, 2009 IEEE/IFIP International Conference on Dependable Systems & Networks.

[5]  Kouichi Sakurai,et al.  Analysis of Privacy Disclosure in DNS Query , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[6]  Wenke Lee,et al.  Increased DNS forgery resistance through 0x20-bit encoding: security via leet queries , 2008, CCS.

[7]  Anja Feldmann,et al.  Exploring EDNS-client-subnet adopters in your free time , 2013, Internet Measurement Conference.

[8]  Saikat Guha,et al.  Identity Trail: Covert Surveillance Using DNS , 2007, Privacy Enhancing Technologies.

[9]  Paul V. Mockapetris,et al.  Domain names - implementation and specification , 1987, RFC.

[10]  Scott Rose,et al.  DNS Security Introduction and Requirements , 2005, RFC.

[11]  John P. Rula,et al.  Content delivery and the natural evolution of DNS: remote dns trends, performance issues and alternative solutions , 2012, Internet Measurement Conference.

[12]  Hannes Federrath,et al.  Privacy-Preserving DNS: Analysis of Broadcast, Range Queries and Mix-Based Protection Methods , 2011, ESORICS.