Deployment of DNSSEC: Problems and outlines

Lambert, Kathy; Souleymane, O.; Tiemoman, Kone; Brice, Anne; Pierre, Tety

doi:10.1109/rcis.2008.4632124

Cited by 4 publications

(1 citation statement)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This extension adds security measures to the original DNS protocol by using cryptography. In this respect, all DNS entries are digitally signed using asymmetric keys, which ensures data and server authentication as well as integrity [5]. As such, when the DNS local server receives the reply message, it must receive, along with the message, an additional record called RRSIG containing the record's signature.…”

Section: Dns Security Issuesmentioning

confidence: 99%

Security analysis and solution for thwarting cache poisoning attacks in the Domain Name System

Bassil

Hobeica

Itani

et al. 2012

2012 19th International Conference on Telecommunications (ICT)

View full text Add to dashboard Cite

The Domain Name System is a crucial part of the Internet's infrastructure, as it provides basic information that is vital for the proper operation of the Internet. The importance of DNS has caused it to be targeted by malicious attackers who are interested in causing damage and gaining personal benefits. Thus nowadays, DNS faces many security threats such as DNS spoofing and cache poisoning attacks. This paper presents S-DNS, an efficient security solution for thwarting cache poisoning attacks in the DNS hierarchy. The contribution of the S-DNS protocol lies in: (1) decreasing the success probability of DNS spoofing and cache poisoning by preventing man-in-the-middle attacks, (2) providing a backward compatible and simple security solution with low computation and communication overheads, (3) targeting the different DNS query interaction models from iterative, recursive, and caching schemes, and (4) employing an efficient IdentityBased Encryption key management scheme that relieves the different DNS interacting entities from the burden and complexities of traditional public-key infrastructures.

show abstract

Section: Dns Security Issuesmentioning

confidence: 99%