Collusion Resistant DNS With Private Information Retrieval

2025-07-28
AI Summary
To address privacy leakage in DNS caused by colluding resolvers and proxies, this paper proposes PDNS, the first DNS privacy-preserving system to deeply integrate single-server Private Information Retrieval (PIR) into the DNS protocol stack. PDNS eliminates the conventional non-collusion assumption between resolvers and proxies by employing PIR-based encrypted queries, hierarchical interaction optimization, and encrypted query processing, thereby achieving end-to-end strong privacy throughout the recursive resolution path. Evaluation on real-world DNS traces shows PDNS incurs only 45% of the latency of DoH-over-Tor, demonstrating practical performance. Its key contribution lies in the first efficient co-design of single-server PIR with DNS architecture, breaking the privacy-efficiency trade-off under collusion threat models. Current scalability is limited by computational overhead; future work will explore dedicated PIR hardware acceleration.

Abstract
There has been a growing interest in Internet user privacy, demonstrated by the popularity of privacy-preserving products such as Telegram and Brave, and the widespread adoption of HTTPS. The Domain Name System (DNS) is a key component of Internet-based communication and its privacy has been neglected for years. Recently, DNS over HTTPS (DoH) has improved the situation by fixing the issue of in-path middleboxes. Further progress has been made with proxy-based solutions such as Oblivious DoH (ODoH), which separate a user's identity from their DNS queries. However, these solutions rely on non-collusion assumptions between DNS resolvers and proxies -- an assumption difficult to guarantee in practice. To address this, we explore integrating single-server Private Information Retrieval (PIR) into DNS to enable encrypted query processing without relying on trust assumptions. However, applying PIR to DNS is challenging due to its hierarchical nature -- particularly, interactions with recursive resolvers can still leak information. Navigating performance and privacy trade-offs, we propose PDNS, a DNS extension leveraging single-server PIR to strengthen privacy guarantees. We have implemented a prototype of PDNS and compared its performance against state-of-the-art solutions via trace-driven experiments. The results show that PDNS achieves acceptable performance (2x faster than DoH over Tor with similar privacy guarantees) and strong privacy guarantees today, mainly at the cost of its scalability, which specialized hardware for PIR can address in the near future.

Problem

Research questions and friction points this paper is trying to address.

Enhancing DNS privacy without trust assumptions
Preventing information leakage in hierarchical DNS
Balancing performance and privacy in DNS queries

Innovation

Methods, ideas, or system contributions that make the work stand out.

Integrates single-server PIR into DNS
Proposes PDNS for enhanced privacy guarantees
Leverages specialized hardware for scalability