TY - GEN
T1 - Alternative trust sources
T2 - ACM Conference on Special Interest Group on Data Communication, SIGCOMM 2015
AU - Donovan, Sean
AU - Feamster, Nick
N1 - Publisher Copyright:
© 2015 ACM.
PY - 2015/8/17
Y1 - 2015/8/17
N2 - DNSSEC has been in development for 20 years. It provides for provable security when retrieving domain names through the use of a public key infrastructure (PKI). Unfortunately, there is also significant overhead involved with DNSSEC: verifying certificate chains of signed DNS messages involves extra computation, queries to remote resolvers, additional transfers, and introduces added latency into the DNS query path. We pose the question: is it possible to achieve practical security without always verifying this certificate chain if we use a different, outside source of trust between resolvers? We believe we can. Namely, by using a long-lived, mutually authenticated TLS connection between pairs of DNS resolvers, we suggest that we can maintain near-equivalent levels of security with very little extra overhead compared to a non-DNSSEC enabled resolver. By using a reputation system or probabilistically verifying a portion of DNSSEC responses would allow for near-equivalent levels of security to be reached, even in the face of compromised resolvers.
AB - DNSSEC has been in development for 20 years. It provides for provable security when retrieving domain names through the use of a public key infrastructure (PKI). Unfortunately, there is also significant overhead involved with DNSSEC: verifying certificate chains of signed DNS messages involves extra computation, queries to remote resolvers, additional transfers, and introduces added latency into the DNS query path. We pose the question: is it possible to achieve practical security without always verifying this certificate chain if we use a different, outside source of trust between resolvers? We believe we can. Namely, by using a long-lived, mutually authenticated TLS connection between pairs of DNS resolvers, we suggest that we can maintain near-equivalent levels of security with very little extra overhead compared to a non-DNSSEC enabled resolver. By using a reputation system or probabilistically verifying a portion of DNSSEC responses would allow for near-equivalent levels of security to be reached, even in the face of compromised resolvers.
UR - http://www.scopus.com/inward/record.url?scp=84962299575&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84962299575&partnerID=8YFLogxK
U2 - 10.1145/2785956.2790001
DO - 10.1145/2785956.2790001
M3 - Conference contribution
AN - SCOPUS:84962299575
T3 - SIGCOMM 2015 - Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication
SP - 353
EP - 354
BT - SIGCOMM 2015 - Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication
PB - Association for Computing Machinery, Inc
Y2 - 17 August 2015 through 21 August 2015
ER -