DNSSEC vs. DNSCurve-Reference-Cited by-同舟云学术

DNSSEC vs. DNSCurve

Published:2012 Issue: Volume: Page:201-220
ISSN:
Container-title:Situational Awareness in Computer Network Defense
language:
Short-container-title:

Author:

Anagnostopoulos Marios¹,Kambourakis Georgios¹,Konstantinou Elisavet¹,Gritzalis Stefanos¹

Affiliation:

1. University of the Aegean, Greece

Abstract

Without a doubt, Domain Name System (DNS) security is a complicated topic of growing concern. In fact, it can be argued that the whole Internet infrastructure depends on the smooth operation of the DNS service. Despite this fact, the original DNS design concentrated on availability, not security, and thus included no authentication. Nowadays, this security gap has been addressed by two cryptographic mechanisms: DNSSEC and DNSCurve. They both utilize public key cryptography and extend the core DNS protocol. Although the second mechanism is still in its infancy while the first is well-standardized, they are both promising and are quite likely to compete with each other in the near future to gain acceptance. This work aims to provide a comprehensive and constructive comparison between the aforementioned security mechanisms. Towards this direction, the authors theoretically cross-evaluate and assess the benefits and the drawbacks of each particular mechanism based on several distinct criteria. This is necessary in order to decide which mechanism is the best fit for each particular deployment.

Publisher

IGI Global

Reference31 articles.

1. Ager, B., Dreger, H., & Feldmann, A. (2005). Exploring the overhead of DNSSEC. Retrieved September 2010 from http://www2.net.informatik.tu-muenchen.de/ ~anja/ feldmann/ papers/ dnssec06.pdf

2. Antonakakis, M., Dagon, D., Luo, X., & Lee, W. (2010). Anax: A monitoring infrastructure of improving DNS security. International Symposium on Recent Advances in Intrusion Detection, (RAID). Berlin, Germany: Springer Verlag.

3. Arends, R., Austein, R., Larson, M., Massey, D., & Rose, S. (2005a). DNS security introduction and requirements. IETF RFC 4033.

4. Arends, R., Austein, R., Larson, M., Massey, D., & Rose, S. (2005b). Protocol modifications for the DNS security extensions. IETF RFC 4035.

5. Arends, R., Austein, R., Larson, M., Massey, D., & Rose, S. (2005c). Resource records for the DNS security extensions. IETF RFC 4034.

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Improving DNS Data Exfiltration Detection Through Temporal Analysis;Communications in Computer and Information Science;2024

2. Privacy and Data Protection in the Domain Name System;Privatheit und selbstbestimmtes Leben in der digitalen Welt;2018

3. New facets of mobile botnet: architecture and evaluation;International Journal of Information Security;2015-12-31