Abstract
End-users are concerned about protecting the privacy of the sensitive personal data generated while they use information systems. This extends both to the data they actively provide, including personal identification in exchange for products and services, and to related metadata, such as unnecessary access to their location. This is where privacy-preserving technologies come into play, and the Internet Engineering Task Force (IETF) plays a major role in incorporating such technologies at the fundamental level. This paper therefore offers an overview of the privacy-preserving mechanisms for layer 3 (i.e., IP) and above that are currently under standardization at the IETF. This includes encrypted DNS at layer 5, classified as DNS-over-TLS (DoT), DNS-over-HTTPS (DoH), and DNS-over-QUIC (DoQ), where the underlying technologies like QUIC belong to layer 4. Following that, we discuss the Privacy Pass Protocol and its application in generating Private Access Tokens and Passkeys to replace passwords for authentication at the application layer (i.e., end-user devices). Lastly, to protect user privacy at the IP level, Private Relays and MASQUE are discussed. The aim is to make designers, implementers, and users of the Internet aware of privacy-related design choices.
Index Terms
- Recent Trends on Privacy-Preserving Technologies under Standardization at the IETF