Enabling Post-Quantum Signatures in DNSSEC: One ARRF at a time

Loading...
Thumbnail Image

Date

2022-12-19

Authors

Goertzen, Jason

Advisor

Stebila, Douglas
Menezes, Alfred

Journal Title

Journal ISSN

Volume Title

Publisher

University of Waterloo

Abstract

The Domain Name System Security Extensions (DNSSEC) provide authentication of DNS responses using digital signatures. DNS relies on UDP as its primary delivery method which imposes several constraints, with the most notable being that DNS message sizes should be no larger than 1232 bytes to avoid message delivery issues. It is possible to deliver larger DNS messages by either utilizing UDP fragmentation or falling back to TCP, but neither are sufficiently reliable in the current DNS ecosystem. Although large DNSSEC messages are not a primary concern today — due to the signature size of actively used algorithms such as RSA or elliptic curve cryptography — large DNS messages become an alarming issue for post-quantum signing algorithms due to their larger signatures and/or keys. In this thesis, we propose ARRF, a method for fragmenting large DNS resource records at the application layer (rather than the transport layer). ARRF is a request-based fragmentation method, meaning that the initial response contains a truncated response and all remaining fragments must be explicitly requested. By using request-based fragmentation, ARRF avoids issues of previously proposed — and rejected — application-layer DNS fragmentation techniques. By requiring fragments to be explicitly requested at the application layer we avoid issues caused by problematic network devices along the transmission path. We implement ARRF and evaluate its performance on a simulated network when used for the three post-quantum algorithms selected by NIST for standardization (Falcon, CRYSTALS-Dilithium and SPHINCS+) at the 128-bit security level. Our experiments show that ARRF has considerably lower resolution times compared to DNS over UDP with TCP fallback for all tested algorithms. We also find that, when using ARRF to deliver Falcon and Dilithium less data transmission is required. ARRF was also designed with a low implementation burden. Our implementation is a simple lightweight daemon which sits in front of DNS name servers and resolvers and performs the fragmentation and reassembly transparently.

Description

Keywords

post-quantum cryptography, DNS, DNSSEC, networking

LC Subject Headings

Citation