Presentation is loading. Please wait.

Presentation is loading. Please wait.

The world changes again

Published byKaroliina Korpela Modified over 6 years ago

Similar presentations

Presentation on theme: "The world changes again"— Presentation transcript:

1 The world changes again
DNS Privacy: The world changes again

2 The world changes again
DNS Privacy: The world changes again Dmitry Belyavskiy, Technical Centre of Internet EEDNS Forum, Moscow,Russia December 4, 2018 2

3 DNS Privacy: why? DNS data is public, your requests are not 70% people can be recognized by their queries Threat model IETF WG dprive (2014 — nowadays) IETF WG doh (2017 — nowadays)

4 Solutions: non-cryptographic part
QNAME minimization Hide source IP Consequences: more DNS queries

5 Solutions: cryptographic part
Padding (2016, 2018) DNS over TLS (2016). DNS over DTLS (2017). DNS over HTTPS (2018) Supported by all major players

6 Big data market Old: social networks New: CDNs, Browsers Future: who knows? Mobile phone vendors? Nationwide services?

7 Switching to new model Users will not switch themselves DoH/DoT in browsers: opt-in => opt-out? Resolving: from providers (and roots) to major resolvers

8 Security consequences
Host: major resolver, port: 443. Is everything ok? No more DNS-based DPI Only major players are able to fight malware/botnets? Law-enforcement, antitrust: new relations?

9 Overall context «All-in-one-browser» Encrypted DNS Encrypted handshake Encrypted traffic

10 Questions?

Download ppt "The world changes again"

Similar presentations

© GlobalSign. A GMO Internet Inc group company. Authentication. Security. Trust. A tutorial on how you can host multiple SSL Certificates on a single IP.

© GlobalSign. A GMO Internet Inc group company. Authentication. Security. Trust. A tutorial on how you can host multiple SSL Certificates on a single IP.
© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.

© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.
Peter Ginnegar Technical Solution Professional Microsoft Corporation

Peter Ginnegar Technical Solution Professional Microsoft Corporation
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.

TCP/IP Addressing Design. Objectives Choose an appropriate IP addressing scheme based on business and technical requirements Identify IP addressing problems.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
1 IETF – ENUM US Government Briefing Richard Shockey IETF ENUM Work Group Chair Senior Technical Industry Liaison NeuStar, Inc. 1120 Vermont Avenue N.W.

1 IETF – ENUM US Government Briefing Richard Shockey IETF ENUM Work Group Chair Senior Technical Industry Liaison NeuStar, Inc Vermont Avenue N.W.
Internet Engineering Course Network Design. Internet Engineering Course; Sharif University of Technology Contents Define and analyse an organization network.

Internet Engineering Course Network Design. Internet Engineering Course; Sharif University of Technology Contents Define and analyse an organization network.
Technical Challenges of Privacy, Reliability, and Security Dr. Marcus Brunner Head of Standardization, Eco-system Development, and Open Source Swisscom.

Technical Challenges of Privacy, Reliability, and Security Dr. Marcus Brunner Head of Standardization, Eco-system Development, and Open Source Swisscom.
Ethernet Basics - 5 IGMP. The Internet Group Management Protocol (IGMP) is an Internet protocol that provides a way for an Internet computer to report.

Ethernet Basics - 5 IGMP. The Internet Group Management Protocol (IGMP) is an Internet protocol that provides a way for an Internet computer to report.
Policy Considerations RUCUS BOF IETF 71 - Philadelphia March 10, 2005 John Morris.

Policy Considerations RUCUS BOF IETF 71 - Philadelphia March 10, 2005 John Morris.
DNS Privacy Overview Allison Mankin & Shumon Huque, Verisign Labs DNS-OARC Fall Workshop October 3, 2015.

DNS Privacy Overview Allison Mankin & Shumon Huque, Verisign Labs DNS-OARC Fall Workshop October 3, 2015.
The Domain Name System and DNS Blocking Malcolm Hutty Head of Public Affairs, LINX February 2011.

The Domain Name System and DNS Blocking Malcolm Hutty Head of Public Affairs, LINX February 2011.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
DNS Antidote Abhishek Madav(86378148) Suhas Tikoo(22363556) Urjit Khadilkar(24449837)

DNS Antidote Abhishek Madav( ) Suhas Tikoo( ) Urjit Khadilkar( )
Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.

Regan Little. Definition Methods of Screening Types of Firewall Network-Level Firewalls Circuit-Level Firewalls Application-Level Firewalls Stateful Multi-Level.
The Internet Engineering Task Force Security Area Kathleen Moriarty Stephen Farrell Security Area Directors.

The Internet Engineering Task Force Security Area Kathleen Moriarty Stephen Farrell Security Area Directors.
Multicast in Information-Centric Networking March 2012.

Multicast in Information-Centric Networking March 2012.
Network Address Translation

Network Address Translation
High performance recursive DNS solution

High performance recursive DNS solution

Similar presentations

Ads by Google