EncDNS: A Lightweight Privacy-Preserving Name Resolution Service

  • Dominik Herrmann
  • Karl-Peter Fuchs
  • Jens Lindemann
  • Hannes Federrath
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8712)


Users are increasingly switching to third party DNS resolvers (e. g., Google Public DNS and OpenDNS). The resulting monitoring capabilities constitute an emerging threat to online privacy. In this paper we present EncDNS, a novel lightweight privacy-preserving name resolution service as a replacement for conventional third-party resolvers. The EncDNS protocol, which is based on DNSCurve, encapsulates encrypted messages in standards-compliant DNS messages. User privacy is protected by exploiting the fact that a conventional DNS resolver provides sender anonymity against the EncDNS server. Unlike traditional privacy-preserving techniques like mixes or onion routing, which introduce considerable delays due to routing messages over multiple hops, the EncDNS architecture introduces only one additional server in order to achieve a sufficient level of protection against realistic adversaries. EncDNS is open source software. An initial test deployment is available for public use.


anonymity obfuscation confidentiality encapsulation DNSCurve nameserver DNS proxy encryption third-party DNS open source 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Lemley, M., Levine, D.S., Post, D.G.: Don’t Break the Internet. 64 Stan. L. Rev. Online 34 (2011)Google Scholar
  2. 2.
    Kleinschmidt, B.: An International Comparison of ISP’s Liabilities for Unlawful Third Party Content. I. J. Law and Information Technology 18(4), 332–355 (2010)CrossRefGoogle Scholar
  3. 3.
    Nabi, Z.: The Anatomy of Web Censorship in Pakistan. CoRR abs/1307.1144 (2013)Google Scholar
  4. 4.
    Verkamp, J.P., Gupta, M.: Inferring Mechanics of Web Censorship Around the World. In: 2nd USENIX Workshop on Free and Open Communications on the Internet. USENIX Association (2012)Google Scholar
  5. 5.
    Zittrain, J., Edelman, B.: Internet Filtering in China. IEEE Internet Computing 7(2), 70–77 (2003)CrossRefGoogle Scholar
  6. 6.
    Goodson, S.: If You’re Not Paying For It, You Become The Product. (2012),
  7. 7.
    Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements. RFC 4033 (2005)Google Scholar
  8. 8.
    Conrad, D.: Towards Improving DNS Security, Stability, and Resiliency (2012),
  9. 9.
    Poulson, K.: Edward Snowden’s E-Mail Provider Defied FBI Demands to Turn Over Crypto Keys, Documents Show. Wired,
  10. 10.
    Hsiao, H.C., Kim, T.H.J., Perrig, A., Yamada, A., Nelson, S.C., Gruteser, M., Meng, W.: LAP: Lightweight Anonymity and Privacy. In: IEEE Symposium on Security and Privacy (S&P 2012), pp. 506–520. IEEE (2012)Google Scholar
  11. 11.
    Jansen, R., Johnson, A., Syverson, P.F.: LIRA: Lightweight Incentivized Routing for Anonymity. In: 20th Annual Network and Distributed System Security Symposium (NDSS 2013). The Internet Society (2013)Google Scholar
  12. 12.
    Mockapetris, P.: Domain Names: Concepts and Facilities. RFC 1034 (1987)Google Scholar
  13. 13.
    Mockapetris, P.: Domain Names: Implementation and Specification. RFC 1035 (1987)Google Scholar
  14. 14.
    Zhao, F., Hori, Y., Sakurai, K.: Analysis of Privacy Disclosure in DNS Query. In: International Conference on Multimedia and Ubiquitous Engineering (MUE 2007), pp. 952–957. IEEE (2007)Google Scholar
  15. 15.
    Zhao, F., Hori, Y., Sakurai, K.: Two–Servers PIR Based DNS Query Scheme with Privacy–Preserving. In: International Conference on Intelligent Pervasive Computing (IPC 2007), pp. 299–302. IEEE (2007)Google Scholar
  16. 16.
    Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private Information Retrieval. In: Proceedings of the 36th Annual Symposium on Foundations of Computer Science, Milwaukee, Wisconsin, pp. 41–50. IEEE (1995)Google Scholar
  17. 17.
    Castillo-Perez, S., Garcia-Alfaro, J.: Anonymous Resolution of DNS Queries. In: Meersman, R., Tari, Z. (eds.) OTM 2008, Part II. LNCS, vol. 5332, pp. 987–1000. Springer, Heidelberg (2008)Google Scholar
  18. 18.
    Castillo-Perez, S., García-Alfaro, J.: Evaluation of Two Privacy–Preserving Protocols for the DNS. In: 6th International Conference on Information Technology: New Generations (ITNG 2009), pp. 411–416. IEEE (2009)Google Scholar
  19. 19.
    Lu, Y., Tsudik, G.: Towards Plugging Privacy Leaks in the Domain Name System. In: IEEE 10th International Conference on Peer-to-Peer Computing (P2P 2010), pp. 1–10. IEEE (2010)Google Scholar
  20. 20.
    Ramasubramanian, V., Sirer, E.G.: The Design and Implementation of a Next Generation Name Service for the Internet. In: SIGCOMM 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pp. 331–342. ACM (2004)Google Scholar
  21. 21.
    Fabian, B., Goertz, F., Kunz, S., Müller, S., Nitzsche, M.: Privately Waiting – A Usability Analysis of the Tor Anonymity Network. In: Santana, M., Luftman, J.N., Vinze, A.S. (eds.) 16th Americas Conference on Information Systems (AMCIS 2010), p. 258. Association for Information Systems (2010)Google Scholar
  22. 22.
    Federrath, H., Fuchs, K.P., Herrmann, D., Piosecny, C.: Privacy-Preserving DNS: Analysis of Broadcast, Range Queries and Mix-Based Protection Methods. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 665–683. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  23. 23.
    Ager, B., Mühlbauer, W., Smaragdakis, G., Uhlig, S.: Comparing DNS Resolvers in the Wild. In: Allman, M. (ed.) SIGCOMM Conference on Internet Measurement 2010 (IMC 2010), pp. 15–21. ACM (2010)Google Scholar
  24. 24.
    Wander, M., Weis, T.: Measuring Occurrence of DNSSEC Validation. In: [52], pp. 125–134Google Scholar
  25. 25.
    Elz, R., Bush, R.: Clarifications to the DNS Specification. RFC 2181 (1997)Google Scholar
  26. 26.
    Vixie, P.: Extension Mechanisms for DNS (EDNS0). RFC 2671 (1999)Google Scholar
  27. 27.
    Dempsky, M.: DNSCurve: Link-Level Security for the Domain Name System. Internet Draft draft-dempsky-dnscurve-01, RFC Editor (2010)Google Scholar
  28. 28.
    Bernstein, D.J.: The Poly1305-AES Message-Authentication Code. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 32–49. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  29. 29.
    Bernstein, D.J.: Curve25519: New Diffie-Hellman Speed Records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207–228. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  30. 30.
    Bernstein, D.J.: The Salsa20 Family of Stream Ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84–97. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  31. 31.
    Bernstein, D.J., Lange, T., Schwabe, P.: The Security Impact of a New Cryptographic Library. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 159–176. Springer, Heidelberg (2012)Google Scholar
  32. 32.
    Bernstein, D.J.: Cryptography in NaCl. Technical report, Department of Computer Science (MC 152). The University of Illinois, Chicago, IL (March 2009),
  33. 33.
    Fuchs, K.P., Herrmann, D., Federrath, H.: Introducing the gMix Open Source Framework for Mix Implementations. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 487–504. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  34. 34.
    Levine, B.N., Reiter, M.K., Wang, C.-X., Wright, M.: Timing attacks in low-latency mix systems (extended abstract). In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  35. 35.
    Pries, R., Yu, W., Fu, X., Zhao, W.: A new replay attack against anonymous communication networks. In: International Conference on Communications (ICC 2008), pp. 1578–1582. IEEE (2008)Google Scholar
  36. 36.
    McCoy, D., Bauer, K.S., Grunwald, D., Kohno, T., Sicker, D.C.: Shining Light in Dark Places: Understanding the Tor Network. In: Borisov, N., Goldberg, I. (eds.) PETS 2008. LNCS, vol. 5134, pp. 63–76. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  37. 37.
    Winter, P., Lindskog, S.: Spoiled Onions: Exposing Malicious Tor Exit Relays. CoRR abs/1401.4917 (2014)Google Scholar
  38. 38.
    Park, K., Pai, V.S., Peterson, L.L., Wang, Z.: CoDNS: Improving DNS Performance and Reliability via Cooperative Lookups. In: 6th Symposium on Operating System Design and Implementation, pp. 199–214. USENIX Association (2004)Google Scholar
  39. 39.
    Wendlandt, D., Andersen, D.G., Perrig, A.: Perspectives: Improving SSH-style Host Authentication with Multi-Path Probing. In: USENIX Annual Technical Conference, pp. 321–334. USENIX (2008)Google Scholar
  40. 40.
    Kambourakis, G., Moschos, T., Geneiatakis, D., Gritzalis, S.: Detecting DNS Amplification Attacks. In: Lopez, J., Hämmerli, B.M. (eds.) CRITIS 2007. LNCS, vol. 5141, pp. 185–196. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  41. 41.
  42. 42.
    Nussbaum, L., Richard, O.: A Comparative Study of Network Link Emulators. In: Wainer, G.A., Shaffer, C.A., McGraw, R.M., Chinni, M.J. (eds.) Proceedings of the 2009 Spring Simulation Multiconference. SCS/ACM (2009)Google Scholar
  43. 43.
    Liang, J., Jiang, J., Duan, H.X., Li, K., Wu, J.: Measuring Query Latency of Top Level DNS Servers. In: [52], pp. 145–154Google Scholar
  44. 44.
    Dagon, D., Antonakakis, M., Vixie, P., Jinmei, T., Lee, W.: Increased DNS Forgery Resistance Through 0x20-bit Encoding: Security via Leet Queries. In: Ning, P., Syverson, P.F., Jha, S. (eds.) Conference on Computer and Communications Security (CCS 2008), pp. 211–222. ACM (2008)Google Scholar
  45. 45.
    Schomp, K., Callahan, T., Rabinovich, M., Allman, M.: Assessing DNS Vulnerability to Record Injection. In: Faloutsos, M., Kuzmanovic, A. (eds.) PAM 2014. LNCS, vol. 8362, pp. 214–223. Springer, Heidelberg (2014)CrossRefGoogle Scholar
  46. 46.
    Karol, M., Hluchyj, M., Morgan, S.: Input versus output queueing on a space-division packet switch. IEEE Trans. on Communications 35(12), 1347–1356 (1987)CrossRefGoogle Scholar
  47. 47.
    Nowlan, M.F., Wolinsky, D., Ford, B.: Reducing Latency in Tor Circuits with Unordered Delivery. In: 3rd USENIX Workshop on Free and Open Communications on the Internet. USENIX Association (2013)Google Scholar
  48. 48.
    Reardon, J., Goldberg, I.: Improving Tor using a TCP-over-DTLS Tunnel. In: USENIX Security Symposium, pp. 119–134. USENIX Association (2009)Google Scholar
  49. 49.
    AlSabah, M., Goldberg, I.: PCTCP: per-circuit TCP-over-IPsec transport for anonymous communication overlay networks. In: Sadeghi, A.R., Gligor, V.D., Yung, M. (eds.) Conference on Computer and Communications Security (CCS 2013), pp. 349–360. ACM (2013)Google Scholar
  50. 50.
    Josefsson, S.: The Base16, Base32, and Base64 Data Encodings. RFC 4648 (2006)Google Scholar
  51. 51.
    Barnes, R.: Use Cases and Requirements for DNS-Based Authentication of Named Entities (DANE). RFC 6394 (2011)Google Scholar
  52. 52.
    Roughan, M., Chang, R. (eds.): PAM 2013. LNCS, vol. 7799. Springer, Heidelberg (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Dominik Herrmann
    • 1
  • Karl-Peter Fuchs
    • 1
  • Jens Lindemann
    • 1
  • Hannes Federrath
    • 1
  1. 1.Computer Science DepartmentUniversity of HamburgGermany

Personalised recommendations