Papers
Topics
Authors
Recent
Search
2000 character limit reached

Take up DNSSEC When Needed

Published 26 Feb 2016 in cs.CR | (1602.08459v1)

Abstract: The threats of caching poisoning attacks largely stimulate the deployment of DNSSEC. Being a strong but demanding cryptographical defense, DNSSEC has its universal adoption predicted to go through a lengthy transition. Thus the DNSSEC practitioners call for a secure yet lightweight solution to speed up DNSSEC deployment while offering an acceptable DNSSEC-like defense. This paper proposes a new defense against cache poisoning attacks, still using but lightly using DNSSEC. In the solution, DNS operates in the DNSSEC-oblivious mode unless a potential attack is detected and triggers a switch to the DNSSEC-aware mode. The performance of the defense is analyzed and validated. The modeling checking results demonstrate that only a small DNSSEC query load is needed to ensure a small enough cache poisoning success rate.

Citations (2)
View on Semantic Scholar

Summary

No one has generated a summary of this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Summarize

Paper to Video (Beta)

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now

Authors (1)

  1. Zheng Wang 

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up