Secure distributed DNS

A correctly working domain name system (DNS) is essential for the Internet. Due to its significance and because of deficiencies in its current design, the DNS is vulnerable to a wide range of attacks. This paper presents the design and implementation of a secure distributed name service on the level of a DNS zone. Our service is able to provide fault tolerance and security even in the presence of a fraction of corrupted name servers, avoiding any single point of failure. It further solves the problem of storing zone secrets online without leaking them to a corrupted server, while still supporting secure dynamic updates. Our service uses state-machine replication and threshold cryptography. We present results from experiments performed using a prototype implementation on the Internet in realistic setups. The results show that our design achieves the required assurances while servicing the most frequent requests in reasonable time.
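The zone-secret protection described above rests on threshold cryptography. As an added illustration (not code from the paper or its prototype), the block below implements Shamir secret sharing over a prime field, the sharing primitive on which threshold schemes build: a zone key split across n name servers can be recovered from any t shares, while any t-1 shares are consistent with every possible key, so a minority of corrupted servers learns nothing. In a real threshold signature scheme the key is never reassembled at all; servers emit partial signatures instead, which this example does not implement. The field prime, the share counts and the sample key are constructed demo values.

```python
"""Shamir secret sharing of a DNS zone key across n name servers.

Added example, not the paper's code. Shows why t-1 corrupted servers
cannot leak the zone secret even though shares of it are stored online.
"""
import secrets

# Mersenne prime 2^127 - 1; a constructed choice of field for this demo.
PRIME = (1 << 127) - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (constant term first) at x, mod PRIME (Horner)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def _interpolate(points, x):
    """Value at x of the unique polynomial through the given (xi, yi) points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def split_secret(secret, n, t, rng=secrets.randbelow):
    """Split secret into n shares (x=1..n) so that any t of them reconstruct it.

    rng(PRIME) must return a field element; it is a parameter only so tests
    can make the sharing deterministic.
    """
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    if not 1 <= t <= n:
        raise ValueError("need 1 <= t <= n")
    coeffs = [secret] + [rng(PRIME) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def reconstruct_secret(shares):
    """Recover the secret from at least t shares (fewer give a wrong value)."""
    return _interpolate(shares, 0)


def complete_shares(partial_shares, candidate_secret, t, n):
    """Show that t-1 shares reveal nothing: for ANY candidate secret there is
    a polynomial matching those shares, and this returns the remaining shares
    that polynomial would produce for the other servers."""
    if len(partial_shares) != t - 1:
        raise ValueError("need exactly t-1 shares for a unique completion")
    points = [(0, candidate_secret)] + list(partial_shares)
    held = {x for x, _ in partial_shares}
    return [(x, _interpolate(points, x)) for x in range(1, n + 1) if x not in held]


if __name__ == "__main__":
    zone_key = 0x5A17  # constructed sample value standing in for a zone key
    shares = split_secret(zone_key, n=4, t=3)
    print("3 of 4 shares ->", hex(reconstruct_secret(shares[1:])))
    print("2 of 4 shares ->", hex(reconstruct_secret(shares[:2])))
    print("2 shares fit key 0x1234 too:", complete_shares(shares[:2], 0x1234, 3, 4))
```

With n=4 and t=3 a single corrupted server, or even two colluding ones, holds too few shares to determine the key; only a correct quorum of three can act on it, which is the property that lets zone secrets stay online without trusting any single server.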
