Motivated by limitations in DNSSEC, ss2DNS has been recently proposed as an alternative scheme that augments recursive resolver and nameserver interactions with stronger real-time security and privacy properties. In this paper, using a symbolic model of ss2DNS in the Tamarin protocol verifier, and the assumption that none of the relevant cryptographic keys are compromised, we formally verify the security and privacy properties of the DNS resolution process with the root zone when using ss2DNS. The validity of these proofs is then extended to the other subordinate zones. We also explore the impact of key and entity compromises on ss2DNS security and privacy properties.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Formal Security Analysis of ss2DNS

  • Ali Sadeghi Jahromi,
  • AbdelRahman Abdou,
  • Paul C. van Oorschot

摘要

Motivated by limitations in DNSSEC, ss2DNS has been recently proposed as an alternative scheme that augments recursive resolver and nameserver interactions with stronger real-time security and privacy properties. In this paper, using a symbolic model of ss2DNS in the Tamarin protocol verifier, and the assumption that none of the relevant cryptographic keys are compromised, we formally verify the security and privacy properties of the DNS resolution process with the root zone when using ss2DNS. The validity of these proofs is then extended to the other subordinate zones. We also explore the impact of key and entity compromises on ss2DNS security and privacy properties.