Retrofitting security into network protocols: The case of DNSSEC

Amir Herzberg, Haya Shulman

Research output: Contribution to journalArticlepeer-review

22 Scopus citations

Abstract

DNS Security Extensions (DNSSEC) became standardized more than 15 years ago, but its adoption is still limited. The recent publication of several new, off-path DNS cache-poisoning and wide-scale man-in-the-middle attacks should motivate DNSSEC adoption. However, significant challenges and pitfalls have resulted in severely limited deployment, which is furthermore often incorrect (and hence vulnerable). The authors outline these problems and suggest directions for improvement and further research.

Original languageEnglish
Article number6756846
Pages (from-to)66-71
Number of pages6
JournalIEEE Internet Computing
Volume18
Issue number1
DOIs
StatePublished - 2014

Keywords

  • DNS
  • DNS security
  • DNSSEC
  • cache-poisoning

Fingerprint

Dive into the research topics of 'Retrofitting security into network protocols: The case of DNSSEC'. Together they form a unique fingerprint.

Cite this