1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
|
\documentclass[aspectratio=169]{beamer}
\usepackage{appendixnumberbeamer}
\usetheme{metropolis} % Use metropolis theme
\definecolor{fhggreen}{RGB}{23,156,125}
\let\oldemph\textbf
\renewcommand{\textbf}[1]{{\color{mLightBrown}\oldemph{#1}}}
\usepackage{blkarray}
\usepackage{amsmath}
\usepackage{multirow}
\title{The GNU Name System\\\small{ICANN66}}
\date{11/5/2019}
\author{Martin Schanzenbach}
\institute{\hfill\large{GNUnet} \includegraphics[trim={0cm 1.5cm 0cm 0cm},clip,width=4em]{gnunet}}
\begin{document}
\metroset{block=fill,sectionpage=progressbar,numbering=counter}
\maketitle
\section{The GNU Name System In a Nutshell}
\begin{frame}{Motivation}
\begin{itemize}
\item DNS remains a source of traffic amplification DDoS.
\item DNS censorship (i.e. by China) causes collateral damage in other countries.
\item DNS is part of the mass surveillance apparatus (MCB).
\item DNS is abused for offensive cyber war (QUANTUMDNS).
\item DoT/DoH, DNSSEC, DPRIVE unfortunately do \textbf{NOT} fix this.
\end{itemize}
\end{frame}
\begin{frame}{What is the GNU Name System?\footnote{Joint work with Christian Grothoff and Matthias Wachs}}
\begin{itemize}
\item Fully decentralized name system $\Rightarrow$ Names are not global.
\item Supports globally unique and secure identification.
\item Features query and response privacy.
\item Provides a public key infrastructure
\begin{itemize}
\item Each zone is associated with a cryptographic key pair.
\item Delegation between zones establishes trust relationship.
\end{itemize}
\item Interoperable with DNS.
\item Usable.\footnote{User studies conducted in ``Decentralized Authentication for Self-Sovereign Identities using Name Systems'' (DASEIN) project.}
\end{itemize}
\end{frame}
\begin{frame}{Applications}
\begin{itemize}
\item Identity management: \textbf{re:claimID} (\url{https://reclaim-identity.io})
\item Social Networks: \textbf{SecuShare} (\url{https://secushare.org})
\item Healthcare: \textbf{Accident insurance and private health data}.\footnote{Joint work with FH Bern, ``Decentralized Authentication for Self-Sovereign Identities using Name Systems'' (DASEIN)}
\item Others: \textbf{Chat}, \textbf{Host addressing}, \ldots
\end{itemize}
\end{frame}
\section{Technical Overview}
\begin{frame}{Record Storage / Retrieval}
\begin{itemize}
\item GNS stores records in a \textbf{Distributed Hash Table} (DHT).
\item DHTs allow us to map keys to values.
\item Naive approach: Map domain names to records.\\e.g.: example.com $\Rightarrow$ A: 1.2.3.4
\end{itemize}
\begin{center}
\includegraphics[width=0.5\textwidth]{DHT.pdf}
\end{center}
\end{frame}
%\begin{frame}{Record Storage / Retrieval}
% \begin{itemize}
% \item GNS implements a \textbf{Private Information Retrieval} (PIR) scheme.
% \item DHT values (records) are signed and encrypted.
% \item DHT keys are derived from queried name and zone.
% \end{itemize}
% \begin{center}
% \includegraphics[width=0.5\textwidth]{DHT.pdf}
% \end{center}
%\end{frame}
\begin{frame}{Secure Storage / Retrieval}
\begin{itemize}
\item \textbf{Query privacy}
\begin{itemize}
\item GNS implements a \textbf{Private Information Retrieval} (PIR) scheme:\\
``a protocol that allows a user to retrieve an item from a server in possession of a database without revealing which item is retrieved.''\footnote{\url{https://en.wikipedia.org/wiki/Private_information_retrieval}}
\item Queries do not reveal domain name.
%item DHT keys are ``blinded'' record labels and zone identity.
\end{itemize}
\item \textbf{Record confidentiality}: Values in DHT are signed and encrypted by zone owner.
\item \textbf{Zone privacy}: Zones cannot be enumerated.
\item \textbf{Censorship and DDoS resistance}: Decentralized, resilient directory.
\end{itemize}
\end{frame}
\begin{frame}{Zone Delegation}
\begin{itemize}
\item The ``NS'' equivalent in GNS is called ``PKEY''.
\item A ``PKEY'' record contains public zone keys.
\item The combination of a ``PKEY'' record value and a name allows users to
query records in a delegated zone.
\end{itemize}
\end{frame}
\begin{frame}
\includegraphics[height=0.9\textheight]{deleg0.pdf}
\end{frame}
\begin{frame}
\includegraphics[height=0.9\textheight]{deleg1.pdf}
\end{frame}
\begin{frame}
\includegraphics[height=0.9\textheight]{deleg2.pdf}
\end{frame}
\section{How do we bootstrap the top-level zones?}
\begin{frame}
\includegraphics[height=0.9\textheight]{deleg3.pdf}
\end{frame}
\begin{frame}{The GNU Name System Root}
``Hyper-hyper local root'' concept:
\begin{itemize}
\item Resolver ships with initial root zone configuration.
\item Root zone configurable \emph{locally} at \emph{each} endpoint.
\item User override/extension of root at top-level or subdomain-level for:
\begin{itemize}
\item Circumvent censorship if necessary.
\item Private networks.
\end{itemize}
\end{itemize}
\end{frame}
\begin{frame}{Envisioned Governance Model}
\begin{itemize}
\item Non-profit organization.
\item Multi-stakeholder model: Board, supporting organizations, \ldots
\item Examples for possible stakeholders:
\begin{itemize}
\item Software and OS Distributors
\item Browser vendors
\item Governments
\end{itemize}
\item Funding options:
\begin{itemize}
\item Applications for new top-level domains.
\item Registrations of new top-level domains.
\item \ldots
\end{itemize}
\end{itemize}
\end{frame}
\section{Quo Vadis?}
\begin{frame}{Roadmap}
\begin{itemize}
\item In progress:
\begin{itemize}
\item 2019-2020: Technical specification of GNS protocol, packaging and alternative implementations.\footnote{Funded by NLnet under EU Next Generation Internet program (\url{https://nlnet.nl/project/GNS/}).}
\item Continuous development and integration into applications.
\end{itemize}
\item 2020--: Establishment of governing body.
\end{itemize}
\end{frame}
\begin{frame}
\begin{center}
The GNU Name System\\
\vspace{2cm}
\url{https://gnunet.org}\\
\vspace{1em}
{\tiny
\texttt{schanzen@gnunet.org}\\
\texttt{3D11~063C~10F9~8D14~BD24~D147~0B09~98EF~86F5~9B6A}\\
}
\end{center}
\end{frame}
\appendix
\begin{frame}{References}
\centering
{\small
\begin{enumerate}
\item {Matthias Wachs, Martin Schanzenbach and Christian Grothoff. {\em A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name System}. {\bf 13th Intern
ational Conference on Cryptology and Network Security}, 2014.}
\item {Martin Schanzenbach, Georg Bramm, Julian Schütte. {\em reclaimID: Secure, Self-Sovereign Identities Using Name Systems and Attribute-Based Encryption}. {\bf 17th
IEEE International Conference On Trust, Security And Privacy In Computing And Communications (TrustCom)}, 2018}
\item {Christian Grothoff, Martin Schanzenbach, Annett Laube, Emmanuel Benoist, Pascal Mainini. {\em Decentralized Authentication for Self-Sovereign Identities using Name Systems (DASEIN)}. {\bf https://git.gnunet.org/bibliography.git/plain/docs/dasein10.pdf}, 2018.}
\end{enumerate}
}
\end{frame}
\end{document}
|
