Short Paper: On Deployment of DNS-based Security Enhancements
Pawel Szalachowski, Adrian Perrig
TL;DR
This paper examines the deployment of DNS-based security enhancements, analyzing their characteristics, reliability, and compatibility with the Tor network, revealing unexpected issues in DNS resolution within Tor.
Contribution
It provides a detailed analysis of DNS security solutions, their deployment challenges, and their interaction with Tor, highlighting previously unreported drawbacks.
Findings
DNS security solutions have compatibility issues with Tor
Reliability of DNS in security applications varies significantly
Unexpected drawbacks in Tor's DNS resolution process
Abstract
Although the Domain Name System (DNS) was designed as a naming system, its features have made it appealing to repurpose it for the deployment of novel systems. One important class of such systems are security enhancements, and this work sheds light on their deployment. We show the characteristics of these solutions and measure reliability of DNS in these applications. We investigate the compatibility of these solutions with the Tor network, signal necessary changes, and report on surprising drawbacks in Tor's DNS resolution.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInternet Traffic Analysis and Secure E-voting · IPv6, Mobility, Handover, Networks, Security · Network Security and Intrusion Detection