General audience texts
Besides the scholarly publications listed below, I have written many texts in English and German. My more notable German texts appeared by DNIP.ch. I also maintain document collections intended for a broad audience:
Scholarly publications
Up-to-date citation counts (provided by Google Scholar). List of patents granted.
2016
Daniel Kaiser; Marcel Waldvogel; Holger Strittmatter; Oliver Haase
User-Friendly, Versatile, and Efficient Multi-Link DNS Service Discovery Proceedings Article
In: Proceedings of the 1st Workshop on Edge Computing (WEC 2016); in conjunction with IEEE ICDCS 2016, 2016.
Abstract | BibTeX | Tags: DNS-SD, Multicast, Service Discovery, Zeroconf | Links:
@inproceedings{kaiser2016user-friendly,
title = {User-Friendly, Versatile, and Efficient Multi-Link DNS Service Discovery},
author = {Daniel Kaiser and Marcel Waldvogel and Holger Strittmatter and Oliver Haase
},
url = {https://netfuture.ch/wp-content/uploads/2016/06/kaiser2016user-friendly.pdf},
year = {2016},
date = {2016-06-27},
urldate = {1000-01-01},
booktitle = {Proceedings of the 1st Workshop on Edge Computing (WEC 2016); in conjunction with IEEE ICDCS 2016},
abstract = {When mobile devices at the network edge want to communicate with each other, they too often depend on the availability of faraway resources. Feasible user-friendly service discovery is essential for direct communication. DNS Service Discovery over Multicast DNS (DNS-SD/mDNS) is widely used for configurationless service discovery in local networks; due in no small part to the fact that it is based on the well established DNS, and efficient in small networks.
In our research, we enhance DNS-SD/mDNS providing versatility, user control, efficiency, and privacy, while maintaining the deployment simplicity and backward compatibility. These enhancements are necessary to make it a solid, flexible foundation for device communication in the edge of the Internet.
In this paper, we focus on providing multi-link capabilities and scalable scopes for DNS-SD while being mindful of both user-friendliness and efficiency. We propose DNS-SD over Stateless DNS (DNS-SD/sDNS), a solution that allows configurationless service discovery in arbitrary self-named scopes – largely independent of the physical network layout – by leveraging our Stateless DNS technique and the Raft consensus algorithm.},
keywords = {DNS-SD, Multicast, Service Discovery, Zeroconf},
pubstate = {published},
tppubtype = {inproceedings}
}
When mobile devices at the network edge want to communicate with each other, they too often depend on the availability of faraway resources. Feasible user-friendly service discovery is essential for direct communication. DNS Service Discovery over Multicast DNS (DNS-SD/mDNS) is widely used for configurationless service discovery in local networks; due in no small part to the fact that it is based on the well established DNS, and efficient in small networks.
In our research, we enhance DNS-SD/mDNS providing versatility, user control, efficiency, and privacy, while maintaining the deployment simplicity and backward compatibility. These enhancements are necessary to make it a solid, flexible foundation for device communication in the edge of the Internet.
In this paper, we focus on providing multi-link capabilities and scalable scopes for DNS-SD while being mindful of both user-friendliness and efficiency. We propose DNS-SD over Stateless DNS (DNS-SD/sDNS), a solution that allows configurationless service discovery in arbitrary self-named scopes – largely independent of the physical network layout – by leveraging our Stateless DNS technique and the Raft consensus algorithm.
In our research, we enhance DNS-SD/mDNS providing versatility, user control, efficiency, and privacy, while maintaining the deployment simplicity and backward compatibility. These enhancements are necessary to make it a solid, flexible foundation for device communication in the edge of the Internet.
In this paper, we focus on providing multi-link capabilities and scalable scopes for DNS-SD while being mindful of both user-friendliness and efficiency. We propose DNS-SD over Stateless DNS (DNS-SD/sDNS), a solution that allows configurationless service discovery in arbitrary self-named scopes – largely independent of the physical network layout – by leveraging our Stateless DNS technique and the Raft consensus algorithm.
2015
Andreas Rain; Daniel Kaiser; Marcel Waldvogel
Realistic, Extensible DNS and mDNS Models for INET/OMNeT++ Proceedings Article
In: Proceedings of the “OMNeT++ Community Summit 2015â€, 2015.
Abstract | BibTeX | Tags: DNS-SD, Mobile Networks, Multicast, Service Discovery, Simulation, Zeroconf | Links:
@inproceedings{rain2015realistic,
title = {Realistic, Extensible DNS and mDNS Models for INET/OMNeT++},
author = {Andreas Rain and Daniel Kaiser and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2016/06/rain2015realistic.pdf
https://netfuture.ch/wp-content/uploads/2016/06/rain2015realistic-slides.pdf},
year = {2015},
date = {2015-09-03},
urldate = {1000-01-01},
booktitle = {Proceedings of the “OMNeT++ Community Summit 2015â€},
abstract = {The domain name system (DNS) is one of the core services in today’s network structures. In local and ad-hoc networks DNS is often enhanced or replaced by mDNS. As of yet, no simulation models for DNS and mDNS have been developed for INET/OMNeT++. We introduce DNS and mDNS simulation models for OMNeT++, which allow researchers to easily prototype and evaluate extensions for these protocols. In addition, we present models for our own experimental extensions, namely Stateless DNS and Privacy-Enhanced mDNS, that are based on the aforementioned models. Using our models we were able to further improve the efficiency of our protocol extensions.},
keywords = {DNS-SD, Mobile Networks, Multicast, Service Discovery, Simulation, Zeroconf},
pubstate = {published},
tppubtype = {inproceedings}
}
The domain name system (DNS) is one of the core services in today’s network structures. In local and ad-hoc networks DNS is often enhanced or replaced by mDNS. As of yet, no simulation models for DNS and mDNS have been developed for INET/OMNeT++. We introduce DNS and mDNS simulation models for OMNeT++, which allow researchers to easily prototype and evaluate extensions for these protocols. In addition, we present models for our own experimental extensions, namely Stateless DNS and Privacy-Enhanced mDNS, that are based on the aforementioned models. Using our models we were able to further improve the efficiency of our protocol extensions.
Daniel Kaiser; Andreas Rain; Marcel Waldvogel; Holger Strittmatter
A Multicast-Avoiding Privacy Extension for the Avahi Zeroconf Daemon Proceedings Article
In: NetSys 2015, Gesellschaft für Informatik, 2015.
Abstract | BibTeX | Tags: DNS-SD, Privacy, Security, Zeroconf | Links:
@inproceedings{Kaiser2015Multicast-avoiding,
title = {A Multicast-Avoiding Privacy Extension for the Avahi Zeroconf Daemon},
author = {Daniel Kaiser and Andreas Rain and Marcel Waldvogel and Holger Strittmatter},
url = {https://netfuture.ch/wp-content/uploads/2014/12/kaiser2015multicast-avoiding.pdf
https://netfuture.ch/wp-content/uploads/2015/03/mdns-security-poster.pdf},
year = {2015},
date = {2015-03-10},
urldate = {1000-01-01},
booktitle = {NetSys 2015},
publisher = {Gesellschaft für Informatik},
abstract = {In today’s local networks, a significant amount of traffic is caused by Multicast packets, such as Multicast DNS Service Discovery (mDNS-SD), a widespread technique used for configurationless service distribution and discovery. It suffers from two major problems inherent in multicast: privacy and network load. We present a privacy extension for the Avahi Zeroconf Daemon that tackles both problems while being very efficient.},
keywords = {DNS-SD, Privacy, Security, Zeroconf},
pubstate = {published},
tppubtype = {inproceedings}
}
In today’s local networks, a significant amount of traffic is caused by Multicast packets, such as Multicast DNS Service Discovery (mDNS-SD), a widespread technique used for configurationless service distribution and discovery. It suffers from two major problems inherent in multicast: privacy and network load. We present a privacy extension for the Avahi Zeroconf Daemon that tackles both problems while being very efficient.
2014
Daniel Kaiser; Matthias Fratz; Marcel Waldvogel; Valentin Dietrich; Holger Strittmatter
Stateless DNS Technical Report
University of Konstanz Technical Report, no. KN-2014-DISY-004, 2014.
Abstract | BibTeX | Tags: DNS-SD, Multicast, Peer-to-Peer, Privacy, Zeroconf | Links:
@techreport{Kaiser2014Stateless,
title = {Stateless DNS},
author = {Daniel Kaiser and Matthias Fratz and Marcel Waldvogel and Valentin Dietrich and Holger Strittmatter},
url = {https://netfuture.ch/wp-content/uploads/2015/02/kaiser14stateless.pdf},
year = {2014},
date = {2014-12-31},
urldate = {1000-01-01},
number = {KN-2014-DISY-004},
institution = {University of Konstanz},
abstract = {Several network applications, like service discovery, file discovery in P2P networks, distributed hash tables, and distributed caches, use or would benefit from distributed key value stores. The Domain Name System (DNS) is a key value store which has a huge infrastructure and is accessible from almost everywhere.
Nevertheless storing information in this database makes it necessary to be authoritative for a domain or to be “registered” with a domain, e.g. via DynDNS, to be allowed to store and update resource records using
nsupdate. Applications like the ones listed above would greatly benefit from a configurationless approach, giving users a much more convenient experience.
In this report we describe a technique we call Stateless DNS, which allows to store data in the cache of the local DNS server. It works without any infrastructure updates; it just needs our very simple, configurationless echo DNS server that can parse special queries containing information desired to be stored, process this information, and generate DNS answers in a way that the DNS cache that was asked the special query will store the desired information. Because all this happens in the authority zone of our echo DNS server, we do not cause cache poisoning. Our tests show that Stateless DNS works with a huge number of public DNS servers.},
type = {Technical Report},
keywords = {DNS-SD, Multicast, Peer-to-Peer, Privacy, Zeroconf},
pubstate = {published},
tppubtype = {techreport}
}
Several network applications, like service discovery, file discovery in P2P networks, distributed hash tables, and distributed caches, use or would benefit from distributed key value stores. The Domain Name System (DNS) is a key value store which has a huge infrastructure and is accessible from almost everywhere.
Nevertheless storing information in this database makes it necessary to be authoritative for a domain or to be “registered” with a domain, e.g. via DynDNS, to be allowed to store and update resource records using
nsupdate. Applications like the ones listed above would greatly benefit from a configurationless approach, giving users a much more convenient experience.
In this report we describe a technique we call Stateless DNS, which allows to store data in the cache of the local DNS server. It works without any infrastructure updates; it just needs our very simple, configurationless echo DNS server that can parse special queries containing information desired to be stored, process this information, and generate DNS answers in a way that the DNS cache that was asked the special query will store the desired information. Because all this happens in the authority zone of our echo DNS server, we do not cause cache poisoning. Our tests show that Stateless DNS works with a huge number of public DNS servers.
Nevertheless storing information in this database makes it necessary to be authoritative for a domain or to be “registered” with a domain, e.g. via DynDNS, to be allowed to store and update resource records using
nsupdate. Applications like the ones listed above would greatly benefit from a configurationless approach, giving users a much more convenient experience.
In this report we describe a technique we call Stateless DNS, which allows to store data in the cache of the local DNS server. It works without any infrastructure updates; it just needs our very simple, configurationless echo DNS server that can parse special queries containing information desired to be stored, process this information, and generate DNS answers in a way that the DNS cache that was asked the special query will store the desired information. Because all this happens in the authority zone of our echo DNS server, we do not cause cache poisoning. Our tests show that Stateless DNS works with a huge number of public DNS servers.
Daniel Kaiser; Marcel Waldvogel
Adding Privacy to Multicast DNS Service Discovery Proceedings Article
In: Proceedings of IEEE TrustCom 2014 (IEEE EFINS 2014 workshop), 2014.
Abstract | BibTeX | Tags: DNS-SD, Multicast, Peer-to-Peer, Privacy, Service Discovery, Social Networks, Trust, Zeroconf | Links:
@inproceedings{Kaiser2014Adding,
title = {Adding Privacy to Multicast DNS Service Discovery},
author = {Daniel Kaiser and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2014/08/Kaiser2014Adding.pdf},
year = {2014},
date = {2014-09-24},
urldate = {1000-01-01},
booktitle = {Proceedings of IEEE TrustCom 2014 (IEEE EFINS 2014 workshop)},
abstract = {Multicast DNS Service Discovery (mDNS-SD), made fashionable through Apple’s \emph{Bonjour}, is a prevalent technique allowing service distribution and discovery in local networks without configuration (Zeroconf). Possible application areas are device synchronization, instant messaging, VoIP, file and screen sharing. It is very convenient for users, because they can connect to and offer services when they enter a network without any manual configuration. However, it requires the public exposure of the offering and requesting identities along with information about the offered and requested services, even when services do not need to be public. Some of the information published by the announcements can be very revealing, including complete lists of family members. In this paper we discuss the privacy problems arising when using mDNS-SD and present our privacy extension, which allows hiding all information published while still not requiring any network configuration except for an initial pairing. A key feature of our solution is the ease of upgrading existing systems, a must for widespread deployment and acceptance. To show the feasibility of our mDNS-SD privacy extension, we developed an implementation based on the open-source \emph{Avahi} daemon.},
keywords = {DNS-SD, Multicast, Peer-to-Peer, Privacy, Service Discovery, Social Networks, Trust, Zeroconf},
pubstate = {published},
tppubtype = {inproceedings}
}
Multicast DNS Service Discovery (mDNS-SD), made fashionable through Apple’s Bonjour, is a prevalent technique allowing service distribution and discovery in local networks without configuration (Zeroconf). Possible application areas are device synchronization, instant messaging, VoIP, file and screen sharing. It is very convenient for users, because they can connect to and offer services when they enter a network without any manual configuration. However, it requires the public exposure of the offering and requesting identities along with information about the offered and requested services, even when services do not need to be public. Some of the information published by the announcements can be very revealing, including complete lists of family members. In this paper we discuss the privacy problems arising when using mDNS-SD and present our privacy extension, which allows hiding all information published while still not requiring any network configuration except for an initial pairing. A key feature of our solution is the ease of upgrading existing systems, a must for widespread deployment and acceptance. To show the feasibility of our mDNS-SD privacy extension, we developed an implementation based on the open-source Avahi daemon.
Daniel Kaiser; Marcel Waldvogel
Efficient Privacy Preserving Multicast DNS Service Discovery Proceedings Article
In: Workshop on Privacy-Preserving Cyberspace Safety and Security (CSS), 2014.
Abstract | BibTeX | Tags: DNS-SD, Multicast, Privacy, Service Discovery, Zeroconf | Links:
@inproceedings{Kaiser2014Efficient,
title = {Efficient Privacy Preserving Multicast DNS Service Discovery},
author = {Daniel Kaiser and Marcel Waldvogel},
url = {https://netfuture.ch/wp-content/uploads/2014/08/Kaiser2014Efficient.pdf},
year = {2014},
date = {2014-08-23},
urldate = {1000-01-01},
booktitle = {Workshop on Privacy-Preserving Cyberspace Safety and Security (CSS)},
abstract = {In today’s local networks a significant amount of traffic is caused by Multicast DNS Service Discovery (mDNS-SD), a prevalent technique used for configurationless service distribution and discovery. It allows users to offer and use services like device synchronization, file sharing, and chat, when joining a local network without any manual configuration. While this is very convenient, it requires the public exposure of the offering and requesting identities along with information about the offered and requested services, even when services do not need to be public. Some of the information published by the announcements can be very revealing, including complete lists of family members. Another problem is the huge amount of multicast traffic caused, which is especially relevant for large WiFi networks.
In this paper we present a privacy extension that does not publish private information and reduces the number of packets sent while still not requiring any network configuration except for an initial pairing per pair of users. A key feature of our solution is the ease of upgrading existing systems, a must for widespread deployment and acceptance. We developed an implementation based on the open-source Avahi daemon to show the feasibility of our privacy extension. Our solution grants tunable privacy and reduces multicast traffic without affecting user experience.},
keywords = {DNS-SD, Multicast, Privacy, Service Discovery, Zeroconf},
pubstate = {published},
tppubtype = {inproceedings}
}
In today’s local networks a significant amount of traffic is caused by Multicast DNS Service Discovery (mDNS-SD), a prevalent technique used for configurationless service distribution and discovery. It allows users to offer and use services like device synchronization, file sharing, and chat, when joining a local network without any manual configuration. While this is very convenient, it requires the public exposure of the offering and requesting identities along with information about the offered and requested services, even when services do not need to be public. Some of the information published by the announcements can be very revealing, including complete lists of family members. Another problem is the huge amount of multicast traffic caused, which is especially relevant for large WiFi networks.
In this paper we present a privacy extension that does not publish private information and reduces the number of packets sent while still not requiring any network configuration except for an initial pairing per pair of users. A key feature of our solution is the ease of upgrading existing systems, a must for widespread deployment and acceptance. We developed an implementation based on the open-source Avahi daemon to show the feasibility of our privacy extension. Our solution grants tunable privacy and reduces multicast traffic without affecting user experience.
In this paper we present a privacy extension that does not publish private information and reduces the number of packets sent while still not requiring any network configuration except for an initial pairing per pair of users. A key feature of our solution is the ease of upgrading existing systems, a must for widespread deployment and acceptance. We developed an implementation based on the open-source Avahi daemon to show the feasibility of our privacy extension. Our solution grants tunable privacy and reduces multicast traffic without affecting user experience.
