2020BCS-北京网络安全大会：DNS加密协议发展及部署现状.pdf

《2020BCS-北京网络安全大会：DNS加密协议发展及部署现状.pdf》由会员分享，可在线阅读，更多相关《2020BCS-北京网络安全大会：DNS加密协议发展及部署现状.pdf（43页珍藏版）》请在三个皮匠报告上搜索。

1、DNS加密协议发展及部署现状 刘保君 清华大学网络科学与网络空间研究院 2020年08月12日 An EndAn End- -toto- -End, LargeEnd, Large- -Scale Scale Measurement of DNSMeasurement of DNS- -overover- -Encryption: Encryption: How Far Have We Come? Chaoyi Lu, BaojunBaojun LiuLiu, Zhou Li, Shuang Hao, Haixin Duan, Mingming Zhang, Chunying Leng, Yi

2、ng Liu, Zaifeng Zhang, Jianping Wu The start of Internet activities. .which says a lot about you. Domain Name System 3 DNS ClientResolver Authoritative server ? 42.81.56.61 ? ? ? Where are the risks? DNS Privacy 4 DNS ClientResolver Authoritative server Eavesdropper MITM interception Rogue server Pe

3、ople could be watching our queries. DNS Privacy 5 RFC 7626 on DNS privacy The MORECOWBELL surveillance program of NSA People could be watching our queries. And do stuff like: DNS Privacy 6 Device Fingerprinting Chang 15 User behavior Analysis Kim 15 User Tracking Kirchler 16 DNS Privacy: What Has Been Done? Three IETF WGs.Three IETF WGs. Three standardized protocols.Three standardized protocols. M