
ODNS: Oblivious DNS - discreditable
https://odns.cs.princeton.edu/
======
andimm
Previous discussion:
[https://news.ycombinator.com/item?id=16741031](https://news.ycombinator.com/item?id=16741031)

------
dangerface
I was hoping this would be DNS with oblivious transfer, but it's just a silly
proxy.

If you can snoop on an authoritative dns server then you can probably just
snoop on the authoritative odns server and break the scheme with no real cost.

For the odns server to scale it would probably be implemented by the same
people implementing dns servers, like ISPs and governments, the same people
doing the snooping.

It just looks weak in theory and broken in reality.

~~~
deaps
It still seems to have the same problem as DNS over TLS - that is that
_someone_ in that pipeline sees your query.

In the case of 'standard' DNS (unencrypted port 53 traffic) - anyone can
'snoop' (ISP, internet routers, etc) and the resolver can retain that
information.

In the case of DNS over TLS - it's the box that performs the decryption that
can retain that information.

In this case, the ODNS Stub can retain that information.

The only question is _who_ do you want to be able to view your queries. AKA
who do you trust the most (or possibly, who do you trust the least).

~~~
detaro
That _someone_ in the case of the stub could be your local machine or a
trusted router though. If your operating system environment knows ODNS, it
doesn't even have to be an extra piece of software.

~~~
deaps
Let's take the case that it's a local machine - on your local network - acting
as the ODNS Stub. The DNS request is then encrypted from your machine to the
trusted ODNS Stub - but then from that ODNS Stub out to some resolver on the
internet, there exists the DNS query (whether encrypted or unencrypted) -
sourced from your same public IP that your machine would have sourced it from
in the first place, correct?

I'm certain I don't understand the entirety of ODNS - but the basics still
have to exist - something still needs to make a query on behalf of the initial
user to some authoritative server (unless the answer is already cached). I
guess, what I'm picturing in this case, is that if the trusted resource (ODNS
Stub) exists in your local infrastructure, then the source outgoing to the
internet might as well just be your local machine in the first place - because
that's how 'the internet' sees it anyway.

Anyway, I'm all for making DNS more secure...and this seems to be one way to
change where your trust lies, but not a definitive solution, to me.

~~~
detaro
> _The DNS request is then encrypted from your machine to the trusted ODNS
> Stub_

No. The stub is doing the encryption and sending the encrypted query to a
resolver in the internet.

> _but then from that ODNS Stub out to some resolver on the internet, there
> exists the DNS query (whether encrypted or unencrypted)_

Yes. But since it's encrypted, the resolver only knows that I have made a DNS
request, not what the query is in it. The resolver can't decrypt it, it can
only pass it on to a server that can decrypt it, but won't be able to see your
source IP then.

I think they overstate the usefulness against the kind of attacker they
describe though, since such a powerful adversary could correlate across
servers.
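
The three-party flow detaro describes above (stub encrypts, the recursive resolver forwards without being able to decrypt, the ODNS authoritative server decrypts but only sees the resolver's IP), as an added toy model that is not code from the ODNS paper or from anyone in this thread. The crypto is a stand-in: a Mersenne-prime Diffie-Hellman exchange plays the role of "encrypting to the ODNS server's public key" and an HMAC-based keystream plays the role of the symmetric cipher; both are toy-sized and insecure, chosen only so the script runs offline with the standard library. The zone contents and the IPs are constructed. Each party keeps a log of what it observed, and `correlate()` shows detaro's caveat that an adversary holding both logs can join them.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group: a Mersenne prime and a small generator.
# Toy-sized and NOT secure; it only stands in for the ODNS server's public key.
P = 2**127 - 1
G = 5


def derive_keys(shared_secret: int) -> tuple[bytes, bytes]:
    """Derive one key per direction so the query and the reply never reuse a keystream."""
    raw = shared_secret.to_bytes(16, "big")
    return (hashlib.sha256(raw + b"query").digest(),
            hashlib.sha256(raw + b"reply").digest())


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Toy counter-mode stream cipher (HMAC-SHA256 keystream). Encrypt == decrypt."""
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class OdnsAuthoritative:
    """Holds the private key; sees plaintext names, but only the resolver's IP as source."""
    def __init__(self, zone):
        self.priv = secrets.randbelow(P - 2) + 2
        self.pub = pow(G, self.priv, P)
        self.zone = zone          # constructed name -> address map
        self.seen = []            # (source IP, plaintext name) this server observed

    def handle(self, src_ip, msg):
        qkey, rkey = derive_keys(pow(msg["eph_pub"], self.priv, P))
        name = stream_xor(qkey, msg["ct"]).decode()
        self.seen.append((src_ip, name))
        answer = self.zone.get(name, "NXDOMAIN")
        return {"ct": stream_xor(rkey, answer.encode())}


class RecursiveResolver:
    """Cannot decrypt; sees the client IP and an opaque blob, then forwards as itself."""
    def __init__(self, ip, upstream):
        self.ip = ip
        self.upstream = upstream
        self.seen = []            # (source IP, opaque ciphertext) this resolver observed

    def handle(self, src_ip, msg):
        self.seen.append((src_ip, msg["ct"].hex()))
        return self.upstream.handle(self.ip, msg)   # source IP is now the resolver's


class Stub:
    """Client-side stub: encrypts the name so only the ODNS server can read it."""
    def __init__(self, ip, odns_pub):
        self.ip = ip
        self.odns_pub = odns_pub

    def resolve(self, name, resolver):
        eph_priv = secrets.randbelow(P - 2) + 2
        qkey, rkey = derive_keys(pow(self.odns_pub, eph_priv, P))
        msg = {"eph_pub": pow(G, eph_priv, P), "ct": stream_xor(qkey, name.encode())}
        reply = resolver.handle(self.ip, msg)
        return stream_xor(rkey, reply["ct"]).decode()


def correlate(resolver_log, auth_log):
    """The cross-server caveat: an adversary holding both logs joins them by order/timing."""
    return [(src, name) for (src, _), (_, name) in zip(resolver_log, auth_log)]


def run_demo():
    auth = OdnsAuthoritative({"example.com": "192.0.2.10"})   # constructed zone
    resolver = RecursiveResolver("203.0.113.53", auth)         # constructed IPs
    stub = Stub("198.51.100.7", auth.pub)
    answer = stub.resolve("example.com", resolver)
    return {"answer": answer,
            "resolver_saw": resolver.seen,
            "auth_saw": auth.seen,
            "correlated": correlate(resolver.seen, auth.seen)}


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(k, v)
```

Running it shows the split the thread is arguing about: the resolver's log holds the client IP next to hex it cannot read, the authoritative server's log holds the name next to the resolver's IP, and neither alone links client to name. Zipping the two logs recovers the link immediately, which is the "correlate across servers" concern; the separation only buys anything while the two logs stay in different hands.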

