faculteit: "FNWI" en publicatiejaar: "2009"
| Auteur||Cornel de Jong|
|Titel||Securing DNS : What consequences do the differences in design of DNSCurve and DNSSEC have on the implementations?|
|Begeleiders||Cees de Laat, Fred Mobach, Mendel Mobach|
|Faculteit||Faculteit der Natuurwetenschappen, Wiskunde en Informatica|
|Opleiding||FNWI MSc System and Network Engineering|
|Samenvatting||The Domain Name System (DNS) is a key infrastructure component of the Internet architecture. The fact that data can be manipulated to serve a malicious purpose has never been taken into consideration when the DNS was first developed. This can result in an untrustworthy DNS, last year D. Kaminsky showed the potential impact of this problem once again. Many solutions to secure the DNS focus on the protection of the name servers instead of the DNS as a whole.
This report shows the differences between DNSCurve and DNSSEC, two techniques developed to secure the DNS using a very different approach. DNSCurve offers authentication and encryption to the link-layer whereas DNSSEC offers message authentication and integrity verification through cryptographic signatures. The report is based on theoretical research to investigate the differences between these two techniques and will cover multiple areas, like: Installation requirements, transport protocol, challenges and tools. The maturity of DNSSEC, the existing signed ccTLDs, multiple testbeds and ongoing development make it more reliable for now than DNSCurve does. During the research period the ICANN announced steps to sign the root zone by the end of 2009; this is a major improvement for DNSSEC deployment. DNSCurve also shows some movement, the website now states that the software is under development and testing at the moment of writing (June 2009). DNSCurve looks very promising but first have to prove itself.|
|Soort document|| scriptie master|
Gebruik dit adres om naar deze pagina te linken: http://dare.uva.nl/scriptie/315934
Vraag/opmerking over dit recordMail aan een collega
Toevoegen aan bewaarset