English
Related papers

Related papers: Post-Quantum Signatures in DNSSEC via Request-Base…

200 papers

DNSSEC, a DNS security extension, is essential to accurately translating domain names to IP addresses. Digital signatures provide the foundation for this reliable translation; however, the evolution of 'Quantum Computers' has made…

Cryptography and Security · Computer Science 2025-11-04 Syed W. Shah. Lei Pan , Din Duc Nha Nguyen , Robin Doss , Warren Armstrong , Praveen Gauravaram

The Domain Name System (DNS) plays a foundational role in Internet infrastructure, yet its core protocols remain vulnerable to compromise by quantum adversaries. As cryptographically relevant quantum computers become a realistic threat,…

Cryptography and Security · Computer Science 2025-06-26 Juyoul Lee , Sanzida Hoque , Abdullah Aydeger , Engin Zeydan

Since its introduction in 1987, the DNS has become one of the core components of the Internet. While it was designed to work with both TCP and UDP, DNS-over-UDP (DoUDP) has become the default option due to its low overhead. As new Resource…

Networking and Internet Architecture · Computer Science 2023-07-13 Pratyush Dikshit , Mike Kosek , Nils Faulhaber , Jayasree Sengupta , Vaibhav Bajpai

The Domain Name System (DNS) is one of the most crucial parts of the Internet. Although the original standard defined the usage of DNS over UDP (DoUDP) as well as DNS over TCP (DoTCP), UDP has become the predominant protocol used in the…

Networking and Internet Architecture · Computer Science 2022-07-19 Mike Kosek , Trinh Viet Doan , Simon Huber , Vaibhav Bajpai

The emergence of quantum computers poses a significant threat to current secure service, application and/or protocol implementations that rely on RSA and ECDSA algorithms, for instance DNSSEC, because public-key cryptography based on number…

Cryptography and Security · Computer Science 2025-07-15 Julio Gento Suela , Javier Blanco-Romero , Florina Almenares Mendoza , Daniel Díaz-Sánchez

We present practical poisoning and name-server block- ing attacks on standard DNS resolvers, by off-path, spoofing adversaries. Our attacks exploit large DNS responses that cause IP fragmentation; such long re- sponses are increasingly…

Cryptography and Security · Computer Science 2015-03-20 Amir Herzberg , Haya Shulman

The Domain Name System Security Extensions (DNSSEC) are critical for preventing DNS spoofing, yet its specifications contain ambiguities and vulnerabilities that elude traditional "break-and-fix" approaches. A holistic, foundational…

Cryptography and Security · Computer Science 2025-12-15 Qifan Zhang , Zilin Shen , Imtiaz Karim , Elisa Bertino , Zhou Li

DNS over TLS (DoT) and DNS over HTTPS (DoH) encrypt DNS to guard user privacy by hiding DNS resolutions from passive adversaries. Yet, past attacks have shown that encrypted DNS is still sensitive to traffic analysis. As a consequence, RFC…

Cryptography and Security · Computer Science 2019-07-03 Jonas Bushart , Christian Rossow

The Domain Name System (DNS) serves as the backbone of the Internet, primarily translating domain names to IP addresses. Over time, various enhancements have been introduced to strengthen the integrity of DNS. Among these, DNSSEC stands out…

Cryptography and Security · Computer Science 2025-12-09 Aduma Rishith , Aditya Kulkarni , Tamal Das , Vivek Balachandran

The current Domain Name System (DNS), as a core infrastructure of the internet, exhibits several shortcomings: its centralized architecture leads to censorship risks and single points of failure, making domain name resolution vulnerable to…

Networking and Internet Architecture · Computer Science 2024-12-25 Guang Yang

Availability is a major concern in the design of DNSSEC. To ensure availability, DNSSEC follows Postel's Law [RFC1123]: "Be liberal in what you accept, and conservative in what you send." Hence, nameservers should send not just one matching…

Cryptography and Security · Computer Science 2024-06-06 Elias Heftrig , Haya Schulmann , Niklas Vogel , Michael Waidner

The DNS is one of the most crucial parts of the Internet. Since the original DNS specifications defined UDP and TCP as the underlying transport protocols, DNS queries are inherently unencrypted, making them vulnerable to eavesdropping and…

Networking and Internet Architecture · Computer Science 2022-07-19 Mike Kosek , Trinh Viet Doan , Malte Granderath , Vaibhav Bajpai

Domain Name Service (DNS) resolution is a mechanism that resolves the symbolic names of networked devices to their corresponding Internet Protocol (IP) address. With the emergence of the document that describes an extension to a DNS service…

Networking and Internet Architecture · Computer Science 2020-03-31 Ivica Stipovic

In this paper, we investigate the Domain Name System (DNS) over QUIC (DoQ) and propose a non-disruptive extension, which can greatly reduce DoQ's resource consumption. This extension can benefit all DNS clients - especially Internet of…

Networking and Internet Architecture · Computer Science 2025-07-10 Darius Saif , Ashraf Matrawy

The domain name system (DNS) that maps alphabetic names to numeric Internet Protocol (IP) addresses plays a foundational role for Internet communications. By default, DNS queries and responses are exchanged in unencrypted plaintext, and…

Cryptography and Security · Computer Science 2024-07-08 Minzhao Lyu , Hassan Habibi Gharakheili , Vijay Sivaraman

The use of codes defined by sparse characteristic matrices, like QC-LDPC and QC-MDPC codes, has become an established solution to design secure and efficient code-based public-key encryption schemes, as also witnessed by the ongoing NIST…

Cryptography and Security · Computer Science 2022-05-26 Marco Baldi , Franco Chiaraluce , Paolo Santini

Over the last decade, Web traffic has significantly shifted towards HTTPS due to an increased awareness for privacy. However, DNS traffic is still largely unencrypted, which allows user profiles to be derived from plaintext DNS queries.…

Networking and Internet Architecture · Computer Science 2023-05-04 Mike Kosek , Luca Schumann , Robin Marx , Trinh Viet Doan , Vaibhav Bajpai

Emerging protocols such as DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) improve the privacy of DNS queries and responses. While this trend towards encryption is positive, deployment of these protocols has in some cases resulted in further…

Networking and Internet Architecture · Computer Science 2021-09-23 Austin Hounsel , Paul Schmitt , Kevin Borgolte , Nick Feamster

Recent advancements in post-quantum cryptographic algorithms have led to their standardization by the National Institute of Standards and Technology (NIST) to safeguard information security in the post-quantum era. These algorithms,…

Hardware Architecture · Computer Science 2025-09-30 Jingyao Zhang , Elaheh Sadredini

DNS Security Extensions (DNSSEC) provide the most effective way to fight DNS cache poisoning attacks. Yet, very few DNS resolvers perform DNSSEC validation. Identifying such systems is non-trivial and the existing methods are not suitable…

Cryptography and Security · Computer Science 2024-06-06 Yevheniya Nosyk , Maciej Korczyński , Andrzej Duda
‹ Prev 1 2 3 10 Next ›