Jun Kurihara

Jun Kurihara (栗原 淳)


Project maintained by junkurihara Hosted on GitHub Pages — Theme by mattgraham

Mutualized Oblivious DNS

About

This is a web site introducing a new concept of anonymized DNS, called Mutualized Oblivious DNS (μODNS). Our implementation, public servers and their detailed information are given below.”


Publication

Research articles

Presentation slides


Implementation as an extension of Oblivious DNS over HTTPS (Being actively developed on GitHub)

We sometimes call this ODoH-based protocol and implementation by μODoH or MODoH.

Do53 - μODoH translation proxy written in Rust

μODoH relays and target servers with authentication and access control

(Replaced fork of doh-server)

To protect DNS servers and relays from DoS attacks, authentication is introduced at the first hop relay. So, in addition to the above relay/target, authentication server is needed as below.

Public relays and servers

Currently we are testing its feasibility.

Acknowledment

The work on this extension of ODoH to MoDoH is partially supported by NICT22401, JSPS KAKENHI Grant Number JP22K11994, JP21H03442, and KDDI Foundation Research Grant.


PoC implementation based on Dnscrypt protocol

Do53 - μODNS translation proxy (fork of dnscrypt-proxy)

μODNS servers based on encrypted-dns-server

Public resolvers and relays


Public DoH Server as an Entry of μODNS

If you want to just check if it works, you can try our DoH-μODNS translator from Chrome and Firefox browsers without using our dedicated client.

This translator converts DoH queries to PoC μODNS queries. It first works as the ‘first-hop’ relay of μODNS, and randomly choose subsequent (up to 2) relays from listed relays for user anonymity in DNS queries. The DoH address is:

https://dns.secarchlab.net/dns-query

Target full-service resolvers are ones listed in this repo and Quad9 servers of no-filters.

NOTE: Although our experimental resolvers and relays are ones with no log and no filter, the DoH-μODNS filters some content by using public ad lists and logs blocking histories.

Please use this translator only for testing at your own risk, and do not use this translator for your private activity. From the concept of μODNS, you should build your dedicated relay. Also note that it is not guaranteed that our translator works 24/365.

[Back to top]