Impact of Post-Quantum Cryptography on DNSSEC

the impact of l.w
1 / 26
Embed
Share

Explore the impact of post-quantum cryptography on DNSSEC and the threat posed by quantum computers to current public-key algorithms. Discover new quantum-safe algorithms and delve into NIST standardization efforts. Learn about multivariate cryptography and lattice-based cryptography.

  • Cryptography
  • DNSSEC
  • Post-Quantum
  • NIST Standardization
  • Security
rayaanacharya
roke526 Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. The Impact of Post-Quantum Cryptography on DNSSEC DNS OARC Workshop 34 2021-02-04 Moritz M ller1,2, Maran van Heesch3, Jins de Jong3, Benno Overeinder4, Roland van Rijswijk-Deij2,4 1SIDN Labs, 2University of Twente, 3TNO, 4NLnet Labs 1

  2. The Problem Quantum Computers could break current public-key cryptography This is a threat to many Internet protocols, including DNSSEC New quantum-safe algorithms are assessed Main Research Question: Are these new quantum-safe algorithms suitable for DNSSEC? 2

  3. Introduction to Post Quantum Cryptography 3

  4. Threat to cryptography Better search algorithms: - Grover's algorithm - Symmetric cryptography is not broken. Only double key sizes needed. ( ? ? ) Finding subgroups: - Shor's algorithm ( ??? ?? ) Shor's algorithm breaks RSA and discrete logarithm cryptography. - All current public key cryptography must be replaced by a quantum-safe alternative! When: perhaps in the 2030's - Google claimed quantum supremacy in 2019. 4

  5. Post-quantum cryptography No classical or quantum algorithm to break it (quickly) is known. The same structure as public key cryptography (public / secret key). From them key encapsulation mechanisms (KEM's) and signature algorithms can be generated. For DNSSEC the signature schemes are most interesting. 5

  6. NIST standardization There is no perfect Post-Quantum candidate yet, but the threat of a Quantum computer is imminent. NIST standardization process (2016) - Round 1: 59 KEM + 23 SIGN. [15 published attacks] - Round 2: 17 KEM + 9 SIGN. - Round 3 (July 2020 Dec 2021): - Finalists: 4 KEM + 3 SIGN - Alternative candidates: 5 KEM + 3 SIGN 6

  7. Multivariate cryptography Bases on systems of polynomial equations in several variables. Essential idea: - P is a system of ? polynomial equations in ? variables. ?1,?2, ,?? = ? ?1,?2, ,?? KEM: Given a cipher text, there may only be one ?: This is hard to construct. ( ? < ? ) SIGN: Given a signature, it should be difficult to find any ?: ( ? > ? ) This is easy to construct. 7

  8. Lattice-based cryptography Flexible basis: many constructions possible Well-studied (by far the most published articles) Both Signatures, KEM s and much more Idea: Given an arbitrary lattice, find the lattice point closest to a given point (CVP) or the shortest vector in the lattice (SVP). - The lattice is presented in an ugly basis. Reducing the basis to a practical form (LLL-algorithm) takes a lot of time. 8

  9. Shortest vector poblem 9

  10. Hash-based cryptography Only requires secure hash- functions Considered safe Only signature schemes Fast, but large signatures Stateful signature schemes (Merkle trees) 10

  11. Some signing algorithms Key generation (cycles) Signing (cycles) Verifying (cycles) Algorithm Approach Private key Public key Signature Crystals-DIlithium- II Lattice 2.8kB 1.2kB 2.0kB 1E5 3E5 1E5 qTESLA-I Lattice 1.2kB 1.5kB 1.4kB 1E6 2E5 6E4 LUOV-7-57-197 Multivariate 32B 12kB 0.2kB 1E6 5E5 2E5 MQDSS-31-48 Multivariate 32B 62B 33kB 1E7 2E7 2E7 Sphincs+-Haraka- 128s Hash 64B 32B 8kB 5E7 9E8 1E6 Picnic-L1-FS Hash/ZKP 16B 32B 34kB 1E4 5E6 4E6 EdDSA-Ed22519 Elliptic curve 64B 32B 64B 5E4 5E4 2E5 (Security Level 1: ~128 bits) 11

  12. Applying PQC to DNSSEC 12

  13. Restrictions of DNSSEC Key and Signature Size Validation Performance Signing Performance 13

  14. Restrictions of DNSSEC Key and Signature Size Validation Performance Signing Performance > 1,232 bytes often cause fragmentation Larger records attractive for DDoS attacks 14

  15. Restrictions of DNSSEC Key and Signature Size Validation Performance Signing Performance Resolvers can validate thousands of signatures per second 15

  16. Restrictions of DNSSEC Key and Signature Size Validation Performance Signing Performance On-the-fly signing most time critical 16

  17. Requirements of DNSSEC Signature Size: Validation Performance: Signing Performance: 1,232 bytes 1000 sig/s 100 sig/s 17

  18. Finding the Right Algorithm Algorithm Public Key Signature Sign/s Verify/s Falcon-512 0.9kB 0.7kB ~ 3,300 ~20,000 Rainbow-Ia 149kB 64B ~ 8,300 ~ 11,000 RedGeMSS128 445kB 35B ~ 540 ~ 10,000 LUOV-7-57-197 12kB 0.2kB ~ 150 ~ 230 ED25519 32B 64B ~ 26,000 ~8,000 RSA-2048 0.3kB 0.3kN ~1,500 ~50,000 18

  19. Finding the Right Algorithm Algorithm Public Key Signature Sign/s Verify/s Falcon-512 0.9kB 0.7kB ~ 3,300 ~20,000 Rainbow-Ia 149kB 64B ~ 8,300 ~ 11,000 RedGeMSS128 445kB 35B ~ 540 ~ 10,000 LUOV-7-57-197 12kB 0.2kB ~ 150 ~ 230 ED25519 32B 64B ~ 26,000 ~8,000 RSA-2048 0.3kB 0.3kN ~1,500 ~50,000 19

  20. Finding the Right Algorithm Algorithm Algorithm Public Key Public Key Signature Signature Sign/s Sign/s Verify/s Verify/s Falcon-512 Falcon-512 0.9kB 0.9kB 0.7kB 0.7kB ~ 3,300 ~ 3,300 ~20,000 ~20,000 Rainbow-Ia Rainbow-Ia 149kB 149kB 64B 64B ~ 8,300 ~ 8,300 ~ 11,000 ~ 11,000 RedGeMSS128 RedGeMSS128 445kB 445kB 35B 35B ~ 540 ~ 540 ~ 10,000 ~ 10,000 LUOV-7-57-197 12kB 0.2kB ~ 150 ~ 230 ED25519 32B 64B ~ 26,000 ~8,000 RSA-2048 0.3kB 0.3kN ~1,500 ~50,000 20

  21. Finding the Right Algorithm Algorithm Public Key Signature Sign/s Verify/s Falcon-512 0.9kB 0.7kB ~ 3,300 ~20,000 Rainbow-Ia 149kB 64B ~ 8,300 ~ 11,000 RedGeMSS128 445kB 35B ~ 540 ~ 10,000 ED25519 32B 64B ~ 26,000 ~8,000 RSA-2048 0.3kB 0.3kN ~1,500 ~50,000 21

  22. Preparing DNSSEC for PQC Key and Signature Size Validation Performance Signing Performance Increased TCP support Out of band key distribution 22

  23. Preparing DNSSEC for PQC Key and Signature Size Validation Performance Signing Performance Less frequent validation 23

  24. Preparing DNSSEC for PQC Key and Signature Size Validation Performance Signing Performance Zone dependent algorithms 24

  25. Next Steps and Conclusions Future developments may force us to reconsider our options/preferences New signing and key distribution approaches need to be better understood Keep in mind: rolling to a new algorithm will take time 26

  26. Next Steps and Conclusions Future developments may force us to reconsider our options/preferences New signing and key distribution approaches need to be better understood Keep in mind: rolling to a new algorithm will take time Paper: https://ccronline.sigcomm.org/2020/ccr-october-2020/retrofitting- post-quantum-cryptography-in-internet-protocols-a-case-study-of-dnssec/ 27

Related


Roughtime: Securing time for IoT devices

Roughtime: Securing time for IoT devices

jayda
Data Management Workshop: Stata Commands for Statistical Analysis

Data Management Workshop: Stata Commands for Statistical Analysis

keyaan
Challenges Faced in DNSSEC Deployment by Geoff Huston at APNIC June 2016

Challenges Faced in DNSSEC Deployment by Geoff Huston at APNIC June 2016

seraphine
DNS Research Federation: Advancing Understanding of Cybersecurity Impact

DNS Research Federation: Advancing Understanding of Cybersecurity Impact

bri_k
DANE, DNSSEC, and TLS in Go6Lab

DANE, DNSSEC, and TLS in Go6Lab

kasz640
Enhancing WHOIS Updates with DNSSEC, ASPLAIN, and Abuse Contact Implementation

Enhancing WHOIS Updates with DNSSEC, ASPLAIN, and Abuse Contact Implementation

lash_9
Upgrade Requirements, Challenges, and Solutions for Same-Server DoT Implementation

Upgrade Requirements, Challenges, and Solutions for Same-Server DoT Implementation

mbout
Unraveling the Mystery of Missing DNSKEY Key Tags by Roy Arends

Unraveling the Mystery of Missing DNSKEY Key Tags by Roy Arends

ben_mar
Apache Traffic Control Update Highlights

Apache Traffic Control Update Highlights

ayan456
Evolution of DNSSEC Implementation at Nominet

Evolution of DNSSEC Implementation at Nominet

hieu_7
Domain Names for Authoritative DNS Servers

Domain Names for Authoritative DNS Servers

asy_mar
Proactive Network Protection Through DNS Security Insights

Proactive Network Protection Through DNS Security Insights

rserv
DNS Security Mechanisms

DNS Security Mechanisms

lunau
SaudiNIC's Experience in Deploying DNSSEC

SaudiNIC's Experience in Deploying DNSSEC

pray
DNSSEC: Adding Digital Signatures to DNS Responses

DNSSEC: Adding Digital Signatures to DNS Responses

sdaco
Evaluation of Ed25519 Cryptography Performance in DNSSEC Validation

Evaluation of Ed25519 Cryptography Performance in DNSSEC Validation

lresc
BIKE Cryptosystem: Failure Analysis and Bit-Flipping Decoder

BIKE Cryptosystem: Failure Analysis and Bit-Flipping Decoder

anai_233
Investigating Anomalous DNS Queries: A Case Study from DNS-OARC 25, Dallas

Investigating Anomalous DNS Queries: A Case Study from DNS-OARC 25, Dallas

kingcha
Internet Society Armenia's Role in Managing and Enhancing Armenia's DNS Infrastructure

Internet Society Armenia's Role in Managing and Enhancing Armenia's DNS Infrastructure

krap_nna
Evolution of ARIN: RPKI and DNSSEC Implementation

Evolution of ARIN: RPKI and DNSSEC Implementation

rboye
Partial Key Exposure Attacks on BIKE, Rainbow, and NTRU

Partial Key Exposure Attacks on BIKE, Rainbow, and NTRU

kuchar_d
Securing Communication in the Quantum Computing Era

Securing Communication in the Quantum Computing Era

cer_nob

More Related Content