Security of the DNS Protocol - Implementation and Weaknesses Analyses of DNSSEC (1207.7109v1)

Abstract: Today, Internet offers many critical applications. So, it becomes very crucial for Internet service providers to ensure traceability of operations and to secure data exchange. Since all these communications are based on the use of the Domain Name System (DNS) protocol, it becomes necessary to think to enhance and secure it by proposing a secure version of this protocol that can correct the whole or a part of the DNS protocol weaknesses and vulnerabilities. In this context, DNSsec was created by the IETF to ensure the integrity of DNS data and authentication of the source of such data. DNSsec is based on the key cryptography public to provide different security services. In the present paper, we will present first the DNS protocol and its weaknesses. After that, we will be interested in studying the DNSsec implementation and data exchange, and then give a deep analysis of its weaknesses.