[dns-operations] IP address encryption: pseudonymization

bert hubert bert.hubert at powerdns.com
Sun Feb 11 19:13:50 UTC 2018


Hi everyone,

This is semi-on/offtopic here, but there is a very high percentage of people
that will care.

dnstap, pcaps and other feeds of DNS traffic (like the PowerDNS protobuf
stream) contain customer IP addresses. If this is resolver traffic, this is
highly private data. 

PowerDNS has long provided dnswasher to scrub IP addresses from PCAPs, but
recently we've been getting requests to encrypt IP addresses in our dnstap
and protobuf output, as described a few months ago on https://medium.com/@bert.hubert/on-ip-address-encryption-security-analysis-with-respect-for-privacy-dabe1201b476

(this touches on the acknowledged limitations on pseudonymization, it is
good to read this before commenting here).

Later we realized that this informal description was not good enough to be
interoperable.  We also found that more guidance was required to do this
securely.

This has led to the 'ipcipher' standard: https://powerdns.org/ipcipher/ipcipher.md.html
Or on GitHub: https://github.com/powerdns/ipcipher

This standard is nearing completion, so your insights are more than welcome.

Once there is more running code, this may evolve into 'ipcipher2'
which we could be persuaded to put through the IETF. 

Please let us know your thoughts!

	Bert



