Security and Cost Analyses of DNSSEC Protocol | SpringerLink
Skip to main content
Springer Nature Link
Log in

Security and Cost Analyses of DNSSEC Protocol

  • Conference paper
Trustworthy Computing and Services (ISCTCS 2012)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 320))

Included in the following conference series:

  • 3223 Accesses

Abstract

Domain Name System Security Extensions (DNSSEC) is a security extension to DNS protocol, which has many security issues and is vulnerable to attacks. By using digital signature technology, DNSSEC provides data origin authentication and integrity. However, designed as the substitute to DNS, the deployment of DNSSEC doesn’t go well as predicted. In this paper, we will first present some security issues of DNSSEC in its practical application, and then analyze the computational and bandwidth costs of those resolvers and authoritative name servers that have been deployed with DNSSEC, through which we try to explain the current difficulties in DNSSEC deployment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 11439
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 14299
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: DNS Security Introduction and Requirements. RFC 4033 (Proposed Standard) (March 2005)

    Google Scholar 

  2. Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: Resource Records for the DNS Security Extensions. RFC 4034 (Proposed Standard) (March 2005)

    Google Scholar 

  3. Arends, R., Austein, R., Larson, M., Massey, D., Rose, S.: Protocol Modifications for the DNS Security Extensions. RFC 4035 (Proposed Standard) (March 2005)

    Google Scholar 

  4. Ariyapperuma, S., Mitchell, C.J.: Security vulnerabilities in DNS and DNSSEC. In: IEEE ARES (2007)

    Google Scholar 

  5. Kolkman, O.M.: Measuring the resource requirements of DNSSEC. Technical report, RIPE NCC / NLnet Labs (October 2005)

    Google Scholar 

  6. Jansen, J.: Measuring the effects of DNSSEC deployment on query load. NLnet Labs (May 2006)

    Google Scholar 

  7. Ager, B., Dreger, H., Feldmann, A.: Exploring the Overhead of DNSSEC (April 2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Computing Technology, Chinese Academy of Sciences, Beijing, China

    Yao Yao, Longtao He & Gang Xiong

  2. Graduate University of Chinese Academy of Sciences, Beijing, China

    Yao Yao & Gang Xiong

  3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Gang Xiong

Authors
  1. Yao Yao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Longtao He
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gang Xiong
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Beijing University of Posts and Telecommunications, Beijing, China

    Yuyu Yuan  & Xu Wu  & 

  2. The School of Telecommunications Engineering, Beijing University of Posts and Telecommunications Beijing, P. O. Box 128, 100876, Beijing, China

    Yueming Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Yao, Y., He, L., Xiong, G. (2013). Security and Cost Analyses of DNSSEC Protocol. In: Yuan, Y., Wu, X., Lu, Y. (eds) Trustworthy Computing and Services. ISCTCS 2012. Communications in Computer and Information Science, vol 320. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35795-4_54

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35795-4_54

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35794-7

  • Online ISBN: 978-3-642-35795-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation