Welcome to the resource topic for 2024/1319

Title:
Quantum-safe Signatureless DNSSEC

Authors: Aditya Singh Rawat, Mahabir Prasad Jhanwar

We present \mathsf{SL\text{-}DNSSEC}: a backward-compatible protocol that leverages a quantum-safe KEM and a MAC to perform signature-less \mathsf{(SL)} DNSSEC validations in a single UDP query/response style. Our experiments targeting NIST level I security for QTYPE A query resolution show that \mathsf{SL\text{-}DNSSEC} is practically equivalent to the presently deployed RSA-2048 in terms of bandwidth usage and resolution speeds. Compared to post-quantum signatures, \mathsf{SL\text{-}DNSSEC} reduces bandwidth consumption and resolution times by up to 95\% and 60\%, respectively. Moreover, with response size < query size \leq 1232 bytes, \mathsf{SL\text{-}DNSSEC} obviates the long-standing issues of IP fragmentation, TCP re-transmits and DDoS amplification attacks.

ePrint: https://eprint.iacr.org/2024/1319

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .