International Journal of Information Security

, Volume 17, Issue 6, pp 645–660 | Cite as

OnionDNS: a seizure-resistant top-level domain

  • Nolen ScaifeEmail author
  • Henry Carter
  • Lyrissa Lidsky
  • Rachael L. Jones
  • Patrick Traynor
Regular Contribution


The Domain Name System (DNS) provides the critical service of mapping canonical names to IP addresses. Recognizing this, a number of parties have increasingly attempted to perform “domain seizures” on targets by having them delisted from DNS. Such operations often occur without providing due process to the owners of these domains, a practice made potentially worse by recent legislative proposals. We address this problem by creating OnionDNS, an anonymous top-level domain and resolution service for the Internet. Our solution relies on the establishment of a hidden service running DNS within Tor and uses a variety of mechanisms to ensure a high-performance architecture with strong integrity guarantees for resolved records. We then present our anonymous domain registrar and detail the protocol for securely transferring the service to another party. Finally, we also conduct both performance and legal analyses to further demonstrate the robustness of this approach. In so doing, we show that the delisting of domains from DNS can be mitigated in an efficient and secure manner.


Tor hidden services DNS Proof-of-work Censorship resistance 



The authors would like to thank an anonymous contributor for inspiration and assistance with the development of this system. This work was supported in part by the US National Science Foundation under Grant Number CNS-1464088. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the NSF.


  1. 1.
    112th Congress of the United States of America. H.R. 3261—Stop Online Piracy (SOPA) Act. (2011)
  2. 2.
    112th Congress of the United States of America. Senate Bill 986—Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act (PIPA). (2011)
  3. 3.
  4. 4.
    Anderson, R., et al.: The eternity service. In: Pragocrypt96, pp. 242–252 (1996)Google Scholar
  5. 5.
    Androulaki, E., Karame, G., Roeschlin, M., Scherer, T., Capkun, S.: Evaluating user privacy in bitcoin. IACR Cryptol. ePrint Arch. 2012, 596 (2012)Google Scholar
  6. 6.
    Anonymous: The collateral damage of internet censorship by DNS injection. ACM SIGCOMM Comput. Commun. Rev. 42(3), 21–27 (2012)CrossRefGoogle Scholar
  7. 7.
    Asia Pacific Network Information Centre Labs. Measuring DNSSEC performance. (2013)
  8. 8.
    Awerbuch, B., Scheideler, C.: Group spreading: a protocol for provably secure distributed name service. Autom. Lang. Program. 3142, 187–210 (2004)Google Scholar
  9. 9.
    Babaioff, M., Dobzinski, S., Oren, S., Zohar, A.: On bitcoin and red balloons. In: Proceedings of the 13th ACM Conference on Electronic Commerce, pp. 56–73. ACM (2012)Google Scholar
  10. 10.
    Bambauer, D.E.: Orwell’s armchair. Univ. Chic. Law Rev. 79(3), 863–944 (2012)Google Scholar
  11. 11.
    Biryukov, A., Pustogarov, I., Weinmann, R.-P.: Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization, IEEE (2013)Google Scholar
  12. 12.
    Bogetoft, P., Christensen, D.L., Damgård, I., Geisler, M., Jakobsen, T., Krøigaard, M., Nielsen, J.D.,Nielsen, J.B., Nielsen, K., Pagter, J., et al.: Secure multiparty computation goes live. In: Financial Cryptography and Data Security, pp. 325–343. Springer, Berlin (2009)CrossRefGoogle Scholar
  13. 13.
    Boyle, J.: Foucault in cyberspace: surveillance, sovereignty, and hardwired censors. Univ. Cincinnati Law Rev. 66, 177 (1997)Google Scholar
  14. 14.
    Carter, H., Mood, B., Traynor, P., Butler, K.: Secure outsourced garbled circuit evaluation for mobile devices. In: Proceedings of the USENIX Security Symposium (2013)Google Scholar
  15. 15.
    Chaitovitz, A., Hampton, C., Rosenbaum, K., Salem, A., Stoll, T., Tramposch, A.: Responding to online piracy: mapping the legal and policy boundaries. Comm. Law Conspec. 20(1), 1–40 (2012)Google Scholar
  16. 16.
    Cheriton, D.R., Mann, T.P.: Decentralizing a global naming service for improved performance and fault tolerance. ACM Trans. Comput. Syst. 7(2), 147–183 (1989)CrossRefGoogle Scholar
  17. 17.
    Clarke, I., Sandberg, O., Wiley, B., Hong, T.: Freenet: a distributed anonymous information storage and retrieval system. In: Designing Privacy Enhancing Technologies, pp. 46–66. Springer, Berlin (2001)CrossRefGoogle Scholar
  18. 18.
    Cox, R., Muthitacharoen, A., Morris, R.: Serving DNS using a peer-to-peer lookup service. Peer-to-Peer Syst. 2429,155–165 (2002)Google Scholar
  19. 19.
    Cranor, L.F., LaMacchia, B.A.: Spam!. Commun. ACM 41(8), 74–83 (1998)CrossRefGoogle Scholar
  20. 20.
    D. E. 3rd.Transport Layer Security (TLS) Extensions: Extension Definitions. RFC 6066 (Proposed Standard) (2011)Google Scholar
  21. 21.
    Dingledine, R.: Obfsproxy: the next step in the censorship arms race. Tor Project official blog (2012)Google Scholar
  22. 22.
    Dingledine, R., Freedman, M., Molnar, D.: The free haven project: distributed anonymous storage service. In: Designing Privacy Enhancing Technologies, pp. 67–95. Springer, Berlin (2001)CrossRefGoogle Scholar
  23. 23.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. Technical report, DTIC Document (2004)Google Scholar
  24. 24.
    Dwork, C., Naor, M.: Pricing via processing or combatting junk mail. In: Advances in Cryptology, pp. 139–147. Springer, Berlin (1993)Google Scholar
  25. 25.
    Eastlake, D.E., et al.: Domain Name System Security Extensions, IETF (1999)Google Scholar
  26. 26.
    Electronic Frontier Foundation. Anti-Counterfeiting Trade Agreement (ACTA). (2012)
  27. 27.
    Feamster, N., Balazinska, M., Harfst, G., Balakrishnan, H., Karger, D.: Infranet: circumventing web censorship and surveillance. In: Proceedings of the 11th USENIX Security Symposium, pp. 247–262. San Francisco, CA (2002)Google Scholar
  28. 28.
    Fischer, B.R.: OnionCat: a Tor-based anonymous VPN. In: Proceedings of the 25th Chaos Communication Congress (2008)Google Scholar
  29. 29.
    Froomkin, A.M.: Wrong turn in cyberspace: using ICANN to route around the APA and the constitution. Duke Law J. 50(1), 17–186 (2000)CrossRefGoogle Scholar
  30. 30.
    Henkin, L.: Restatement of the Law, Third: The Foreign Relations Law of the United States. American Law Institute-American Bar Association (ALI-ABA) (1987)Google Scholar
  31. 31.
    Internet Systems Consortium.
  32. 32.
    Johnson, A., Wacek, C., Jansen, R., Sherr, M., Syverson, P.: Users get routed: traffic correlation on Tor by realistic adversaries. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2013)Google Scholar
  33. 33.
    Juels, A., Brainard, J.G.: Client puzzles: a cryptographic countermeasure against connection depletion attacks. NDSS 99, 151–165 (1999)Google Scholar
  34. 34.
    Kamara, S., Mohassel, P., Riva, B.: Salus: a system for server-aided secure function evaluation. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2012)Google Scholar
  35. 35.
    Karame, G., Androulaki, E., Capkun, S.: Two bitcoins at the price of one? Double-spending attacks on fast payments in bitcoin. IACR Cryptol. ePrint Arch. 2012, 248 (2012)Google Scholar
  36. 36.
    Kolkman, O., Gieben, M.: RFC 4161 DNSSEC Operational Practices (2006)Google Scholar
  37. 37.
    Kopel, K.: Operation seizing our sites: how the federal government is taking domain names without prior notice. Berkeley Technol. Law J. 28, 859–900 (2013)Google Scholar
  38. 38.
    Laurie, B., Clayton, R.: “Proof-of-Work” proves not to work; version 0.2. In: Workshop on Economics and Information, Security (2004)Google Scholar
  39. 39.
    Lee, T.B.: ICE Admits Year-long Seizure of Music Blog was a Mistake. (2011)
  40. 40.
    Mann, F.A.: The Doctrine of International Jurisdiction Revisited After Twenty Years (1984)Google Scholar
  41. 41.
    Mestdagh, C.D.V., Rijgersberg, R.W.: Rethinking accountability in cyberspace: a new perspective on ICANN. Int. Rev. Law Comput. Technol. 21(1), 27–38 (2007)CrossRefGoogle Scholar
  42. 42.
    Microsoft.Dnssec performance considerations. (2014)
  43. 43.
    Microsoft Corporation. Microsoft Corporation v. Dominique Alexander Piatti; Jone Does1-22.2011. Virginia Eastern District CourtGoogle Scholar
  44. 44.
    Microsoft Corporation. Microsoft Corporation v. Peng Yong et. al. 2012. Virginia Eastern District CourtGoogle Scholar
  45. 45.
    Microsoft Corporation.Microsoft v. John Does 1-39. 2012. New York Eastern District CourtGoogle Scholar
  46. 46.
    Miers, I., Garman, C., Green, M., Rubin, A.D: Zerocoin: anonymous distributed E-cash from bitcoin. In: IEEE Symposium on Security and Privacy (2013)Google Scholar
  47. 47.
    Mittal, P., Khurshid, A., Juen, J., Caesar, M., Borisov, N.: Stealthy traffic analysis of low-latency anonymous communication using throughput fingerprinting. In: Proceedings of the 18th ACM Conference on Computer and Communications Security. ACM, pp. 215–226 (2011)Google Scholar
  48. 48.
    Mody, S.S.: National cyberspace regulation: unbundling the concept of jurisdiction. Stan. J. Int. 37, 365 (2001)Google Scholar
  49. 49.
    Namecoin was stillborn, I had to switch off life-support. (archived at
  50. 50.
    Namecoin, (2015)
  51. 51.
    Nadji, Y., Antonakakis, M., Perdisci, R., Dagon, D., Lee, W.: Beheading hydras: performing effective botnet takedowns. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2013)Google Scholar
  52. 52.
    Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system. Consulted 1, 2012 (2008)Google Scholar
  53. 53.
    Naraine, R.: Massive DDoS attack hit DNS root servers. (2002)
  54. 54.
    Order, puerto 80 projects, s.l.u. v united states. (2011)
  55. 55.
    Overlier, L., Syverson, P.: Locating hidden servers. In: 2006 IEEE Symposium on Security and Privacy, p. 15. IEEE (2006)Google Scholar
  56. 56.
    Panzarino, M.: Syrian Electronic Army Apparently Hacks DNS Records Of Twitter, NYT Through Registrar Melbourne IT. (2013)
  57. 57.
    Pappas, V., Massey, D., Terzis, A., Zhang, L.: A comparative study of the dns design with DHT-based alternatives. In: Proceedings of the IEEE INFOCOM 2006, 25th IEEE International Conference on Computer Communications, pp. 1–13 (2006)Google Scholar
  58. 58.
    Park, K., Pai, V., Peterson, L., Wang, Z.: CoDNS: Improving DNS Performance and Reliability via Cooperative Lookups. In: OSDI, pp. 199–214 (2004)Google Scholar
  59. 59.
    Piscitello, D.: Anatomy of a DNS DDoS Amplification Attack. (2011)
  60. 60.
    Poole, L., Pai, V.: ConfiDNS: leveraging scale and history to improve DNS security. In: Proceedings of the WORLDS (2006)Google Scholar
  61. 61.
    Ramasubramanian, V., Sirer, E.: The design and implementation of a next generation name service for the internet. ACM SIGCOMM Comput. Commun. Rev. 331, 331–342 (2004)CrossRefGoogle Scholar
  62. 62.
    Scaife, N., Carter, H., Traynor, P.: OnionDNS: a seizure-resistant top-level domain. In: Proceedings of the IEEE Conference on Communications and Network Security (CNS) (2015)Google Scholar
  63. 63.
    Song, Y., Koyanagi, K.: Study on a hybrid P2P based DNS. In: 2011 IEEE International Conference on Computer Science and Automation Engineering, pp. 152–155 (2011)Google Scholar
  64. 64.
  65. 65.
    Testimony of John Morton, Director, U.S. Immigration and Customs Enforcement, Before the U.S. House of Representatives Committee on the Judiciary, Subcommittee on Intellectual Property, Competition and the Internet on “Promoting Investment and Protecting Commerce Online: Legitimate Sites v. Parasites, Part II”. (2011)
  66. 66.
    TorrentFreak.U.S. Government Shuts Down 84,000 Websites, ‘By Mistake’.
  67. 67.
    U.S. Copyright Office. Circumvention of copyright protection systems. (2015)
  68. 68.
    van Rijswijk-Deij, R., Sperotto, A., Pras, A.: Making the case for elliptic curves in DNSSEC. SIGCOMM Comput. Commun. Rev. 45(5), 13–19 (2015)CrossRefGoogle Scholar
  69. 69.
    Waldman, M., Mazieres, D.: Tangler: a censorship-resistant publishing system based on document entanglements. In: Proceedings of the 8th ACM conference on computer and communications security, pp. 126–135. ACM (2001)Google Scholar
  70. 70.
    Waldman, M., Rubin, A.D., Cranor, L.F.: Publius: a robust, tamper-evident, censorship-resistant, web publishing system. In: 9th USENIX Security Symposium, pp. 59–72 (2000)Google Scholar
  71. 71.
    Wang, Q., Gong, X., Nguyen, G.T., Houmansadr, A., Borisov, N.: CensorSpoofer: asymmetric communication using IP spoofing for censorship-resistant web browsing. In: Proceedings of the 2012 ACM conference on Computer and Communications Security, pp. 121–132. ACM (2012)Google Scholar
  72. 72.
    Wang, X., Reiter, M.K.: Defending against denial-of-service attacks with puzzle auctions. In: Proceedings of the 2003 Symposium on Security and Privacy, 2003, pp. 78–92. IEEE (2003)Google Scholar
  73. 73.
    Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: improving SSH-style host authentication with multi-path probing. In: USENIX annual technical conference, pp. 321–334. (2008)Google Scholar
  74. 74.
    Yadron, D.: Syrian Electronic Army’s Alleged Attacks Expose Soft Spot. (2013)

Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  • Nolen Scaife
    • 1
    Email author
  • Henry Carter
    • 2
  • Lyrissa Lidsky
    • 3
  • Rachael L. Jones
    • 4
  • Patrick Traynor
    • 1
  1. 1.Department of Computer & Information Science & EngineeringUniversity of FloridaGainesvilleUSA
  2. 2.Department of Computing SciencesVillanova UniversityPhiladelphiaUSA
  3. 3.School of LawUniversity of MissouriColumbiaUSA
  4. 4.School of LawUniversity of North Carolina at Chapel HillChapel HillUSA

Personalised recommendations