Pretty Bad Privacy: Pitfalls of DNS Encryption
Abstract: As awareness of privacy in the Domain Name System (DNS) increases, a number of mechanisms for encrypting DNS packets have been proposed. We study the prominent defences, focusing on their privacy guarantees, interoperability with the DNS infrastructure, and efficiency overhead. In particular:
- We explore dependencies in DNS and show techniques that utilise DNS-specific side-channel leaks to infer information about the target domain in an encrypted DNS packet.
- We examine common DNS server configurations and show that the proposals are expected to encounter deployment obstacles with (at least) 38% of the top-50K Alexa domains and (at least) 12% of the top-level domains (TLDs), and will disrupt DNS functionality and availability for clients. We also show the implication of these configurations for the adoption of DNSSEC.
- We show that due to the non-interoperability with the caches, the proposals for end-to-end encryption may have a prohibitive traffic overhead on the name servers.
Our work indicates that further study may be required to adjust the proposals so that they live up to their security guarantees and are suitable for the common server configurations in the DNS infrastructure.