DNS Privacy in Practice and Preparation Casey Deccio Jacob Davis∗ Brigham Young University Sandia National Laboratories Provo, UT Livermore, CA [email protected] [email protected] ABSTRACT including Cloudflare [23], Google [21], and Quad9 [36]. With all the An increased demand for privacy in Internet communications has momentum surrounding the deployment of these relatively new resulted in privacy-centric enhancements to the Domain Name protocols, we seek to answer questions about their deployment in System (DNS), including the use of Transport Layer Security (TLS) the wild. and Hypertext Transfer Protocol Secure (HTTPS) for DNS queries. All new Internet protocols require some amount of retrofit be- In this paper, we seek to answer questions about their deployment, cause of the many existing protocols already in wide deployment. including their prevalence and their characteristics. Our work in- Both DoT and DoH require that DNS queries be performed over the cludes an analysis of DNS-over-TLS (DoT) and DNS-over-HTTPS Transmission Control Protocol (TCP), rather than the User Data- (DoH) availability at open resolvers and authoritative DNS servers. gram Protocol (UDP), which has been the primary transport of the We find that DoT and DoH services exist on just a fraction ofopen DNS. Also, instead of using the standard port (53) that has been resolvers, but among them are the major vendors of public DNS in use since the inception of the DNS, DoT uses a newly allocated services. We also analyze the state of TCP Fast Open (TFO), which is port (853). considered key to reducing the latency associated with TCP-based With over 35 years of traditional DNS entrenched in Internet DNS queries, required by DoT and DoH. The uptake of TFO is ex- infrastructure, change can be hard. Both DoT and DoH come with tremely low, both on the server side and the client side, and it must additional costs in terms of reduced performance and availability. be improved to avoid performance degradation with continued For example, the use of TCP requires maintaining connection state adoption of DNS Privacy enhancements. at the client and the server, and TCP connection establishment can double the delay for a single DNS query-response transaction— CCS CONCEPTS not to mention the round-trip time (RTT) associated with the TLS handshake for both DoT and DoH. Additionally, proper usage of • Networks → Network privacy and anonymity; Naming and DoT and DoH requires support on both client and server platforms, addressing. and permissive infrastructure on the network path between. Many KEYWORDS administrators are expecting DNS traffic over port 53 only—and possibly only over UDP (despite the fact that TCP support for the DNS, Privacy, Measurement DNS has been specified for 30 years [5, 14])—and have configured ACM Reference Format: their networks accordingly. Casey Deccio and Jacob Davis. 2019. DNS Privacy in Practice and Prepara- Several techniques have been introduced to reduce the cost as- tion. In The 15th International Conference on emerging Networking EXperi- sociated with these DNS privacy extensions. TCP Fast Open (TFO) ments and Technologies (CoNEXT ’19), December 9–12, 2019, Orlando, FL, USA. was introduced to eliminate the delay associated with connection ACM, New York, NY, USA, 6 pages. https://doi.org/10.1145/3359989.3365435 establishment when communicating with a known host [9, 37]. TLS 1.3 introduces 0-RTT, with which data can be sent before the 1 INTRODUCTION TLS handshake is complete [39]. This also reduces delay, albeit An increased demand for privacy in Internet communications has with weaker security assurances than are had otherwise. Also, the driven the creation of several privacy-centric extensions to the practices of query pipelining and out-of-order responses over a Domain Name System (DNS). Two important enhancements are TCP connection were specified to make the best use of long-lived the use of Transport Layer Security (TLS) and Hypertext Transfer TCP connection with a server [14]. Protocol Secure (HTTPS) for DNS queries. DNS over TLS (DoT) In this paper we study the deployment of DNS privacy—and and DNS over HTTPS (DoH) have recently been standardized [25, the underlying protocols upon which its successful deployment 26] and have been deployed by several large public DNS services, depends. First, we quantify the existence of publicly accessible ∗This work was performed while the author was a student at Brigham Young University. DoT and DoH resolvers in the wild and assess their deployment configurations, including the certificate authorities (CAs) andTLS Permission to make digital or hard copies of all or part of this work for personal or versions in use. Next, we investigate the deployment of TFO, both classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation for DoT servers and generally across DNS infrastructure world- on the first page. Copyrights for components of this work owned by others than ACM wide. must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, Our measurements show that only a relatively small number to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]. of DNS servers support DNS privacy—0.15% of the open resolvers CoNEXT ’19, December 9–12, 2019, Orlando, FL, USA and a non-zero but negligible number of authoritative servers that © 2019 Association for Computing Machinery. we queried. However, several popular DNS providers are among ACM ISBN 978-1-4503-6998-5/19/12...$15.00 https://doi.org/10.1145/3359989.3365435 those offering this support, including Cloudflare, Facebook, Google, CoNEXT ’19, December 9–12, 2019, Orlando, FL, USA Casey Deccio and Jacob Davis and Quad9. We also find that fewer than half of the DoT resolvers, 16-bit grouped by IP prefix, support TLS 1.3 for possible 0-RTT usage. Total Prefixes Additionally, fewer than 10% of DoT resolvers, grouped by IP prefix, DoT Open Resolvers 1,747 149 fully support TFO. General TFO support across DNS servers is also Support TLS 1.3 79 (4.5%) 57 (38%) low, with less than 1% of open resolvers, Alexa 5k domains, and Support TLS 1.2 1,701 (97%) 145 (97%) top-level domains (TLDs) supporting TFO in full. No Support for TLS 1, 1.1 80 (4.6%) 63 (42%) Use self-signed cert 11 (0.63%) 21 (14%) Use GoDaddy as CA 1,572 (90%) 28 (19%) Use Let’s Encrypt as CA 90 (5.2%) 72 (48%) 2 BACKGROUND AND PREVIOUS WORK Returns TFO cookie 25 (1.4%) 11 (7.4%) The DNS [31, 32] is the system responsible for the translation of Acks SYN data 25 (1.4%) 11 (7.4%) domain names to resources such as IP addresses. DNS name resolu- DoH Open Resolvers 9 5 tion involves interactions between several parties. A stub resolver TCP Responsive 557,969 - asks questions of a recursive resolver, and the recursive resolver Returns TFO cookie 10,851 (1.9%) - finds the answers by asking one or more authoritative DNS servers. Acks SYN data 1,257 (0.23%) - DoT and DoH are privacy extensions to the DNS, both of which Table 1: Summary of DoT, DoH, and TFO measurements prevent an eavesdropper from manipulating or introspecting a against open DNS resolvers. DNS query or its response, by encrypting client-server communica- tions. DoT [26] involves establishing a TCP connection to a remote host, performing a TLS handshake [39] over that connection, and then issuing a DNS query as if it were over plain TCP [31, 32]. With DoH [25], the client issues a DNS query in an HTTPS re- Other studies have been conducted to identify and character- quest [18, 38] and receives the DNS response in the corresponding ize open DNS resolvers [29, 35] and to measure the availability of HTTPS response. DoT and DoH differ from the DNS Security Ex- DNS authoritative servers [12, 13, 33, 34]. However, the first study tensions (DNSSEC) [2–4], in that DNSSEC is used to authenticate that we know of related to the deployment of DNS privacy was the contents of a DNS response, independent of the server it came released more recently [30]. Our results both confirm and comple- from, and it does not provide privacy. ment their work. The authors used ZMap [17] to perform a scan of In comparison with traditional DNS queries, which primarily use port 853 on all IPv4 addresses, and they tried both the /resolve UDP, DoT and DoH queries incur additional delay because of TCP and /dns-query URIs to test for potential DoH servers. Ultimately, connection establishment and the TLS handshake. However, several the numbers of resolvers supporting DoT and DoH are on the same protocols help reduce this overhead. With TFO, TCP connection order as what we found in our study (section 3). Our study com- establishment delay is effectively eliminated between a client and plements that of [30] by including TFO measurements and DNS server after an initial TCP connection is established between the privacy measurements between recursive and authoritative DNS two. During this initial connection, the client includes the TFO servers. option in the TCP header of the SYN packet. The server generates a cookie specific to the client and returns it in the TFO option ofthe 3 DOT AND DOH MEASUREMENT SYN-ACK. The client stores the cookie, and the next time it initiates We begin our study by measuring the prevalence of DoT and DoH, a TCP connection to that server, it includes in the SYN packet first in open DNS resolvers and then in authoritative DNS servers.