Kyle Rankin
Recommendations
DNSSEC: Interoperability Challenges and Transition Mechanisms
ARES '13: Proceedings of the 2013 International Conference on Availability, Reliability and SecurityRecent cache poisoning attacks motivate protecting DNS with strong cryptography, by adopting DNSSEC, rather than with challenge-response 'defenses'. We discuss the state of DNSSEC deployment and obstacles to adoption. We then present an overview of ...
Towards Forensic Analysis of Attacks with DNSSEC
SPW '14: Proceedings of the 2014 IEEE Security and Privacy WorkshopsDNS cache poisoning is a stepping stone towards advanced (cyber) attacks, and can be used to monitor users' activities, for censorship, to distribute malware and spam, and even to subvert correctness and availability of Internet networks and services. ...
Downgrading DNSSEC: how to exploit crypto agility for hijacking signed zones
SEC '23: Proceedings of the 32nd USENIX Conference on Security SymposiumCryptographic algorithm agility is an important property for DNSSEC: it allows easy deployment of new algorithms if the existing ones are no longer secure. Significant operational and research efforts are dedicated to pushing the deployment of new ...
Comments